b9c0837324b1ceb3ac90e30ec1b77135_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b9c0837324b1ceb3ac90e30ec1b77135_JaffaCakes118
Size

368KB
MD5

b9c0837324b1ceb3ac90e30ec1b77135
SHA1

b91ad67f557b47df82d28640970d25c6a834e967
SHA256

7cc4b806ebb0341ea7773f9770c3873ed9a3b31ce0bc355f034a2fb2961f5903
SHA512

d42914bf3df250f23e44f18076f60880f28794578eae0b2fdc5d3d015205963aadc00c9b02397eff759b1c97bd15f64cb75edab35b394287944fca389b71d8e9
SSDEEP

6144:1W5RMOhrVf/DRauRHlwrFYaN5ino7241GtMqzIXPH8CV+mybPzKP3zUeXm9+r:1mRMArpDneFNzino7IUHybPzQjUeX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b9c0837324b1ceb3ac90e30ec1b77135_JaffaCakes118

Files

b9c0837324b1ceb3ac90e30ec1b77135_JaffaCakes118
.exe windows:4 windows x86 arch:x86

63bcbf32efb874107897cc0027dba46f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResumeThread
FindAtomW
GetNumberFormatW
GetCurrentProcessId
EnumCalendarInfoW
EnterCriticalSection
GetCurrentThreadId
GetConsoleAliasW
SetLastError
ReadFile
lstrlenW
FindClose
CreateEventW
GetDriveTypeW
GetModuleHandleA
SetEvent
GetPrivateProfileStringW
TlsGetValue
LocalFree
HeapCreate

user32

GetKeyState
GetSysColor
GetMenuInfo
DispatchMessageA
GetClassInfoA
GetKeyboardType
CallWindowProcW
DispatchMessageA
GetCursorInfo
SetFocus
GetClientRect
IsWindow
DrawTextA

wsnmp32

SnmpGetTimeout
SnmpGetTimeout
SnmpGetTimeout
SnmpGetTimeout
SnmpGetTimeout

msasn1

ASN1BERDecBool

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 492KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 358KB - Virtual size: 357KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ