c7ba7cd4f900eea8df3de6aa4b31eb3d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c7ba7cd4f900eea8df3de6aa4b31eb3d_JaffaCakes118
Size

413KB
MD5

c7ba7cd4f900eea8df3de6aa4b31eb3d
SHA1

b46fa927b91cd1aeb54e0e3b50556e9f193866c2
SHA256

1b7c1d0366369b1abbcddac76276efde391055e9a4efb4b5f39531cd9d22739c
SHA512

5e81f64a86d856707b3380fcd1d5c9f00524e95b28960f1a3715733df32daec7e56b42c0a5fd8b5379422e1c1c6171ed1d89ed347d75ae10dedb25544e598a28
SSDEEP

6144:0GoNREtUzhIBhwrtKQeMixD10lqk3A+8sJSy91qBrXVXHMOXXNdgtCxdJS0:CW6bcOZ3AuwiqBrFpXXg0W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c7ba7cd4f900eea8df3de6aa4b31eb3d_JaffaCakes118

Files

c7ba7cd4f900eea8df3de6aa4b31eb3d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5da8fd1e59bb39034b81d87da49f329b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
GetProfileStringA
GetUserDefaultLangID
GetOEMCP
GlobalFlags
EnterCriticalSection
EnumDateFormatsA
GlobalFree
GetProfileIntA
GetStdHandle
CreateMailslotA
GetTapeStatus
GlobalLock
FindAtomA
GetProcessHeap
LocalHandle
ExitProcess
GetVolumePathNameA
CreateJobSet
GetModuleHandleA
VirtualAlloc

user32

GetForegroundWindow
GetFocus
DrawEdge
GetWindow
GetDC
ReleaseDC
GetActiveWindow
ValidateRect
ShowWindow
GetParent
GetClassNameA
GetWindowTextA
CloseWindow
GetClassInfoExA
GetWindowTextLengthA
IsIconic
RegisterClassA
EndPaint
BeginPaint

gdi32

CreateDIBitmap
GetCharWidthA
ExtCreatePen
GetColorSpace
CreateDCA

sxs

SxsLookupClrGuid

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ