c78da0f473da8a10bef2cedd2118d44c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c78da0f473da8a10bef2cedd2118d44c_JaffaCakes118
Size

22KB
MD5

c78da0f473da8a10bef2cedd2118d44c
SHA1

43d8df4c5432d182b7f437ae5bf9b7a3dde3bfc6
SHA256

74c9fdbff5b3b0350d649553c402342e79b17f7418e5ccc3d2a42ab3dc2f9d55
SHA512

c831e23888cfa414daaf9c80fb84a977540be6e6dc06c671f13fad70011022291244040efb1dfaaea9f58c20a7860d79158c9858ebfc8f65a879d566680893fe
SSDEEP

384:mZLZMGDREFFZzzjbS6osH/2C9VEOJMzT9Khx9KmWIJG155poH1LchU:mZNMGDcFFjbtow/2WzMzYhuOu55yVLce

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c78da0f473da8a10bef2cedd2118d44c_JaffaCakes118

Files

c78da0f473da8a10bef2cedd2118d44c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

08d5b112c9d2ff7224b3567aa0d44598

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
ExitProcess
GetLastError
CreateThread
lstrcmpiA
ExitThread
GetTickCount
WaitForSingleObject
CreateProcessA
CloseHandle
WriteFile
CreateFileA
GetLocaleInfoA
GetVersionExA
LoadLibraryA
GetProcAddress
GetModuleHandleA
ExpandEnvironmentStringsA
GetModuleFileNameA
GetTempPathA
ReleaseMutex
CreateMutexA
LocalFree
LocalAlloc
TerminateThread
GetFileAttributesA
CopyFileA
SetFileAttributesA
GetStartupInfoA

user32

BringWindowToTop
SetForegroundWindow
SetFocus
ShowWindow
keybd_event
VkKeyScanA
EnumWindows
GetClassNameA

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
strcmp
strlen
_snprintf
strcpy
sprintf
srand
memset
memcpy
rand
atoi
strcat
free
malloc
strncpy
_vsnprintf
??2@YAPAXI@Z
strstr
strchr
strtok
memcmp
__dllonexit
_onexit
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 275KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE