b7a36df2b4fbf76c666f383a6d38cf60_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b7a36df2b4fbf76c666f383a6d38cf60_JaffaCakes118
Size

312KB
MD5

b7a36df2b4fbf76c666f383a6d38cf60
SHA1

dcb6dc4132d7a4b457ab331d4acb98ad1ecd0166
SHA256

59fc2e76b8f95ba75a19062a2a12dbf77564073d914d9fb4c515d40c56c90591
SHA512

8a365195592718ad341b674bf29dd835847bf9cdc59fe386ac785a8d6e3f87493a2a70f91908ad8e782f92922907077f8bf6661f82d5cee4a847dc547b32f617
SSDEEP

6144:TrTuETVyp+zFTan/bdV+6A5iP2naGmzvXYu5aRCaMMQG:TWr+zUDvA5eYYvYiaPMY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b7a36df2b4fbf76c666f383a6d38cf60_JaffaCakes118

Files

b7a36df2b4fbf76c666f383a6d38cf60_JaffaCakes118
.exe windows:4 windows x86 arch:x86

700704dee7c1378620d295d57566df5d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
FlushFileBuffers
LoadLibraryExA
RaiseException
IsDebuggerPresent
HeapCreate
GetCurrentThread
GetACP
VirtualProtect
GetLocaleInfoA
OpenMutexA
GetCurrentProcessId
GetStdHandle
InterlockedExchange
GlobalFree
SetEvent
ReadConsoleA
GetCommandLineA
FreeEnvironmentStringsA
CreateFileA
GetSystemDirectoryA

user32

BeginPaint
FillRect
GetCursorPos
GetWindowTextA
wsprintfA
GetWindow
GetParent
GetFocus
FrameRect
ReleaseDC
ShowWindow
GetDlgItem
ValidateRgn
SetActiveWindow
SetForegroundWindow
EndPaint
IsIconic
GetClassNameA
DrawTextA

crypt32

CertDuplicateStore
CertFindAttribute
CertCloseStore
CertCreateContext
CertControlStore

apphelp

ApphelpCheckIME

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ