Static task
static1
Behavioral task
behavioral1
Sample
ba50791facdc44cd30025dbe7dc4e551_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
ba50791facdc44cd30025dbe7dc4e551_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
ba50791facdc44cd30025dbe7dc4e551_JaffaCakes118
Size
55KB
MD5
ba50791facdc44cd30025dbe7dc4e551
SHA1
0742442899084bd14f14eae5f5e3b713cdd47abd
SHA256
33914001d06335131abb1ca0649e0d643da27e936e3218a204dce71be1bd4c73
SHA512
aabdc0c70ce3f0d9e9f2ca044e696a80f823f9cb59758886edd7697bc3b985636ff94317d98a184e716b1e0f9a7b1881345cc074162dde76dc1ebbe13fbb37bd
SSDEEP
1536:IQKAmKaN/mnnYE3X/3VCS38Re0yAvT1hWvrF80NTdXXV+mDOJmNm:sZanYQP3hM6y1YrF80/X89Q
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ba50791facdc44cd30025dbe7dc4e551_JaffaCakes118
Files
ba50791facdc44cd30025dbe7dc4e551_JaffaCakes118.exe windows:5 windows x86 arch:x86
e641430379512a56bb67764e34ce1534
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CloseHandle
WriteFile
CreateFileA
GetSystemTime
GetTickCount
GetVersion
lstrcatA
lstrcpynA
lstrlenA
GetModuleFileNameA
GetTempPathA
GetProcAddress
GetLocalTime
GetModuleHandleA
GetLastError
FindAtomA
LoadLibraryA
GetTempFileNameA
lstrcpyA
CreateMutexA
OpenMutexA
ExitProcess
lstrcmpA
GetCommandLineA
RtlUnwind
VirtualQuery
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
user32
GetCursorPos
GetFocus
InflateRect
wsprintfA
GetCaretPos
EqualRect
IsWindowVisible
ClientToScreen
GetWindowRect
Sections
.text Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 41KB - Virtual size: 42KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE