d372e703643ffbd41d39b1b9a92cabff_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d372e703643ffbd41d39b1b9a92cabff_JaffaCakes118
Size

40KB
MD5

d372e703643ffbd41d39b1b9a92cabff
SHA1

89fa1a4012d1d42cc89408ffe90f799c9175dec8
SHA256

1aec9e8c4ff67bbcb77554e5c390ec6450e9c58981b1e5d606c2c3490c80df5b
SHA512

f5ff09844647f4e42966d6dfae654f1b5d32036767826f28beec7c96aed5aa6a5e3021bf1eff48c5dc40072f376671b9d6437ca64b510bfa26ab42dbab417ac6
SSDEEP

384:KZbbzpLuaUNuIKACgEx0ivxqs2Q2i9oWbKcizqm3zSo:anzpLurMAtivxqfQdQVPjSo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d372e703643ffbd41d39b1b9a92cabff_JaffaCakes118

Files

d372e703643ffbd41d39b1b9a92cabff_JaffaCakes118
.exe windows:4 windows x86 arch:x86

55c64726d2c624c0bd15101100817faf

Headers

Imports

kernel32

DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
VirtualFree
VirtualAlloc
LocalFree
LocalAlloc
GetVersion
GetCurrentThreadId
GetThreadLocale
GetStartupInfoA
GetModuleFileNameA
GetLocaleInfoA
GetCommandLineA
FreeLibrary
ExitProcess
WriteFile
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetStdHandle
TlsSetValue
TlsGetValue
LocalAlloc
GetModuleHandleA
WriteFile
SizeofResource
SetFileAttributesA
OpenMutexA
LockResource
LoadResource
LoadLibraryA
GetWindowsDirectoryA
GetVersionExA
GetProcAddress
FreeResource
FreeLibrary
FindResourceA
FindFirstFileA
FindClose
DeleteFileA
CreateMutexA
CreateFileA
CreateDirectoryA
CopyFileA
CloseHandle

user32

GetKeyboardType
MessageBoxA
CharNextA
GetMessageA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegCloseKey

Sections

Size: 160KB - Virtual size: 160KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE