b91d50fbf30d45588d4f065c10713c17_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b91d50fbf30d45588d4f065c10713c17_JaffaCakes118
Size

316KB
MD5

b91d50fbf30d45588d4f065c10713c17
SHA1

165beb7cd04c8ee4b3c7e4499ce3e946183a680b
SHA256

042a7cd1def63c1c71725313e3547076a8305c38ceae6c56e283a5d54220c77d
SHA512

10a4b206defb4a9731edb848bede319496c4e552168d012cabc2704812e1d36e76506239821272c688f1b9f6681a032b92caa52b7ebda21fe859c7c81da6fe8e
SSDEEP

6144:RBF4z+Jq3Ntu+FWkFip1HaTTirGWpC5mO8ij3KIz:Z4z19dfFib6Ti5o7KIz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b91d50fbf30d45588d4f065c10713c17_JaffaCakes118

Files

b91d50fbf30d45588d4f065c10713c17_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1490c0b87e16a8de93a1b1a0b9efe12b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedExchange
LoadLibraryExA
GetEnvironmentStringsA
GetCommConfig
GetCurrentThread
GetTimeFormatA
GetCurrentProcessId
VirtualProtect
HeapDestroy
HeapCreate
GetACP
DeleteAtom
GetTapeStatus
CreateHardLinkA
GetStdHandle
GetModuleHandleA
CreateFileMappingA
WaitForSingleObject
IsDebuggerPresent
GetProcessVersion
GetLogicalDrives

user32

GetCursorPos
GetDlgItem
EndPaint
SetActiveWindow
ReleaseDC
GetClassNameA
ShowWindow
SetForegroundWindow
GetParent
DragDetect
FrameRect
DrawTextA
GetWindow
GetFocus
FillRect
GetTitleBarInfo
GetWindowTextLengthA
wsprintfA
BeginPaint

advapi32

RegEnumKeyA
RegSetValueExA
RegCreateKeyA
RegFlushKey
RegCloseKey

setupapi

SetupCloseLog

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 708KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ