d2ab967d6548f728a2c571ce1cdb81c7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d2ab967d6548f728a2c571ce1cdb81c7_JaffaCakes118
Size

244KB
MD5

d2ab967d6548f728a2c571ce1cdb81c7
SHA1

8f80c3be59ea9dcdb9edaf34eab51d10b7310cf4
SHA256

67752032a413bda7b514e062417f1a89339875e1cd0a34dc517ff45a3fd87f1a
SHA512

15379d1c2f610ff4268610be91aa10ee62883b788051e839ede96b6dbac5af3cdf213d5d80924d9074646894db08f9e4665b2a80a207c60eddf73a660e84672f
SSDEEP

3072:A30SFOePHDkUe0mVZLTYNAUnSptxldQIaevadbRS/LKfuEaLeYbnfLk8GuhSi:2Db5elZLFUSLsevadF+KfhzY5b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d2ab967d6548f728a2c571ce1cdb81c7_JaffaCakes118

Files

d2ab967d6548f728a2c571ce1cdb81c7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

72b6a152569cc56c844d8d440e792ed4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
VirtualAlloc
GetCurrentThreadId
GetStartupInfoA
GetLogicalDrives
GetModuleHandleA
GetCommandLineA
TlsGetValue
TlsSetValue
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetSystemDefaultLangID
GetThreadPriority
TlsAlloc
Sleep
TlsFree
IsValidCodePage
GetModuleFileNameA
GetDriveTypeA

user32

GetClassLongA
BeginPaint
ShowWindow
GetActiveWindow
GetForegroundWindow
GetFocus
GetWindowTextA
GetWindowDC
IsWindowVisible
ReleaseDC
RegisterClassA
CreateWindowExA
OpenIcon
GetSystemMetrics
GetWindowTextLengthA
UpdateWindow
GetWindowLongA
GetDC
GetWindow

advapi32

RegQueryValueExA
RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
GetUserNameA
IsTextUnicode

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerLanguageNameA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 596KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ