ce071f2a51ebb43970941fef2d9ca8d2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ce071f2a51ebb43970941fef2d9ca8d2_JaffaCakes118
Size

16KB
MD5

ce071f2a51ebb43970941fef2d9ca8d2
SHA1

8d8efc80662a09985fde434540e1123da87f1220
SHA256

9251fe910ff0a86a9d9088735c80fc3f9acbeffd221930bfb50c25df49427c57
SHA512

9699c813cfb7280eeb6d24bd5e8d3326d662296d0122c41c78365e970cf20bf941b5596ff14cc620c1281435fee5c0c7ff55ec3a41f45874702bbc676b5821f1
SSDEEP

384:4HLHEhf1wmqnisHvrsWiRGIsVG88888xpAWB:4rHEhtsPoBsVG88888nv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ce071f2a51ebb43970941fef2d9ca8d2_JaffaCakes118

Files

ce071f2a51ebb43970941fef2d9ca8d2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9bcf8662af36d771319b4efe356bf1c4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTapeStatus
GetStdHandle
GetCurrentThread
HeapCreate
VirtualProtect
DeleteAtom
InterlockedExchange
GetLogicalDrives
IsDebuggerPresent
GetEnvironmentStringsA
HeapDestroy
GetACP
GetModuleHandleA
GetProcessVersion
WaitForSingleObject
GetTimeFormatA
GetCurrentProcessId
CreateFileMappingA
GetCommConfig
CreateHardLinkA
LoadLibraryExA

user32

ShowWindow
GetTitleBarInfo
GetCursorPos
GetWindowTextLengthA
BeginPaint
SetForegroundWindow
GetWindow
DragDetect
GetClassNameA
GetDlgItem
DrawTextA
GetFocus
SetActiveWindow
GetParent
wsprintfA
ReleaseDC
FrameRect
FillRect
EndPaint

advapi32

RegCloseKey
RegSetValueExA
RegCreateKeyA
RegEnumKeyA
RegFlushKey

setupapi

SetupCloseLog

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ