Static task: static1
Behavioral task: behavioral1
Sample: dadc59354462083f32dff0033023f0b7_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: dadc59354462083f32dff0033023f0b7_JaffaCakes118.exe
Resource: win10v2004-20240910-en
General
Target: dadc59354462083f32dff0033023f0b7_JaffaCakes118
Size: 43KB
MD5: dadc59354462083f32dff0033023f0b7
SHA1: 2d302685dfbb5a4aaef36a7605bf907f3c9fbe45
SHA256: 6665e4714a4838a9ed96106a3f2da4839d5dd826bb6d006926b7ce53322048a1
SHA512: 513f8694d27999bae996720d9684798e00833276d76dbfa60b3f448d787572c848303e30ae2ffeca5f1a55c17bb7ea4549efbd0325ed44935274e06f0f35fbc6
SSDEEP: 768:VlcHbjKOIDdQWWGYYPDP4Xxhz8gJOroQkcl0SbBXNwDQGOVKp10:3c3yYVXxp8g/ElxbB9yQbVs
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource dadc59354462083f32dff0033023f0b7_JaffaCakes118
Files
dadc59354462083f32dff0033023f0b7_JaffaCakes118.exe windows:5 windows x86 arch:x86
e0c3b6e36b48d900a8b17fac94756a96
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetSystemTimeAsFileTime
MultiByteToWideChar
CreateThread
lstrcatW
SetEndOfFile
CreateMutexW
GlobalLock
CloseHandle
EnterCriticalSection
SetThreadPriority
CreateFileMappingW
GetModuleHandleA
FlushFileBuffers
lstrcpynW
SetFileTime
HeapAlloc
lstrcmpiA
GetDriveTypeW
SetFileAttributesW
FindFirstFileW
FindClose
ReleaseMutex
MoveFileExW
GetCommandLineA
WriteFile
CopyFileW
GetUserDefaultUILanguage
GetTempPathW
ExpandEnvironmentStringsW
GetCurrentThread
DisconnectNamedPipe
user32
DrawIcon
GetKeyState
SendMessageW
GetForegroundWindow
PeekMessageW
Sections
.cpsxep Size: 35KB - Virtual size: 54KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.zybun Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrml Size: 4KB - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ