c96a6870eb1fc981a1cc1ddcea81e5f8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c96a6870eb1fc981a1cc1ddcea81e5f8_JaffaCakes118
Size

33KB
MD5

c96a6870eb1fc981a1cc1ddcea81e5f8
SHA1

f38519d4f55cef8df4b04a83b6d40e2b7c2eaad9
SHA256

fd76906fab1b5d20ac25d2a6fc471e9d944528152240856cdd513ee19ec29077
SHA512

4a85d9753bc8d945aa76ae46e6effed0555cdb4a8e8ff87844ed47c2eb6f19f871eccbb3317d7780ab049bdbc6ec8363e409df1c87f975a8a70937d0b8aee36d
SSDEEP

768:sPQOXJaQuCCh+tybV0hTRzNek2Cfzx/Ji3akSm55mA15HDC7plja:AQOXU4KcybV05JZxImAfO7pda

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/windowsup.exe

Files

c96a6870eb1fc981a1cc1ddcea81e5f8_JaffaCakes118
.rar
windowsup.exe
.exe windows:4 windows x86 arch:x86

3793db0299b649264adb2f28b6734d9f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_except_handler3

kernel32

WaitForSingleObject
lstrcatA
CreateThread
GetLastError
CreateMutexA
lstrcmpA
lstrcpyA
GetModuleFileNameA
GetProcAddress
LoadLibraryA
GetCommandLineA
WriteProcessMemory
ExitProcess
GetModuleFileNameW
Sleep
ReadProcessMemory
GetModuleHandleA
GetCurrentProcess
IsDebuggerPresent
lstrcmpiA
lstrlenA
AllocConsole
HeapFree
GetEnvironmentVariableA
HeapAlloc
GetStartupInfoA
GetProcessHeap
lstrlenW
FreeConsole

user32

KillTimer
MessageBoxW
GetSysColor
ShowWindow
LoadMenuA
RegisterClassExA
CreateWindowExA
IsWindow

gdi32

DeleteDC
SelectObject
StretchBlt

comdlg32

PrintDlgA

shell32

Shell_NotifyIconA

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ