c7f330f42115d1c41682c034193a5944_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c7f330f42115d1c41682c034193a5944_JaffaCakes118
Size

4.0MB
MD5

c7f330f42115d1c41682c034193a5944
SHA1

48953068e94341294f46dc4df9fc4bdd629be340
SHA256

111ac1dbc8a378aa0b1fc0027f5a05d4f35395d30a8130d35adbc031f0d3d87a
SHA512

a685ad03df347605a11bd32506ed616fd79f2f2a4bd4e60762c0370e1ad07fd8f115d1f004b8c9b5b91bbf2c7ac3084ee52dbeae6fdf5d2e8fee6a015a48548f
SSDEEP

98304:0/c8cgvFGPxsLkn/9EecA0D1JkR3DHOnDuCBlks:008fFG5sLknOePTqWs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c7f330f42115d1c41682c034193a5944_JaffaCakes118

Files

c7f330f42115d1c41682c034193a5944_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4ede5177b6636d1cb5585fc6b3cc9194

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeaps
SetFileAttributesA
VirtualFree
Thread32First
GlobalWire
GetLastError
_lwrite
LocalSize
SetComputerNameExA
OpenFileMappingA
VirtualAlloc
GetCommProperties
TransmitCommChar
ExitThread
SetConsoleNumberOfCommandsA

user32

RegisterShellHookWindow
HiliteMenuItem
GetClassNameA
RegisterLogonProcess
GetGuiResources
GetCursorInfo
PostThreadMessageW
PostThreadMessageA
SetMenu
SetWindowWord
BroadcastSystemMessageExA
DestroyReasons
ShowOwnedPopups
GetMenuState
DrawCaptionTempA

Sections

.text
Size: 817KB - Virtual size: 816KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 753KB - Virtual size: 4.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ