dc8793c33ddcbe96fc3842eba60eceeb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dc8793c33ddcbe96fc3842eba60eceeb_JaffaCakes118
Size

12KB
MD5

dc8793c33ddcbe96fc3842eba60eceeb
SHA1

e572a5d7be73d9f26147e751855fa1a6a711fbce
SHA256

96ecdb5ac27aac7eeaee57d568f4421a0d85f5139ed1a6ec6d72307978c38779
SHA512

811880bb9eb342cc69307f0b3ea218565a8f3c80bd8db2aa24f0ea12c6106fbceb3a0cf6850d47ea1bd963f717bea27dbd39960eebea7d86eefd6fa655f544a8
SSDEEP

192:injQz9Rcf2rNysam1Sl4wcEReNwOB38j/zuAYXgKggCFsG7WkkMWU707M7:8ecfwH7Sl1dReNw838j/iN5CWG7WkkMP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dc8793c33ddcbe96fc3842eba60eceeb_JaffaCakes118

Files

dc8793c33ddcbe96fc3842eba60eceeb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1e6a80eef606ab4c121b19c53988ff77

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CancelIo
lstrcpyA
CreateProcessA
GetCurrentThread
GetStartupInfoA
GetCurrentProcessId
GetCurrentProcess
GetProcAddress
GetCurrentThreadId
GetThreadPriority
lstrcatA
FreeLibrary
LoadLibraryA
MoveFileExA
CloseHandle
GetTickCount
CreateFileA
lstrlenA
GetTempFileNameA
CreateDirectoryA
Sleep
lstrcmpiA
DeleteFileA
ReadFile
SetFilePointer
GetFileSize
GetSystemDirectoryA
GetModuleFileNameA
GetTempPathA
GetShortPathNameA
GetLastError
CreateMutexA
FindFirstFileA
GetACP
HeapAlloc
GetProcessHeap
HeapFree
WriteFile
ExitProcess

user32

GetActiveWindow
GetTopWindow
GetCapture
SetActiveWindow
wsprintfA

gdi32

GetBrushOrgEx
GetBkColor
CreateCompatibleBitmap
CreateCompatibleDC
GetBkMode
CancelDC

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ