Static task
static1
Behavioral task
behavioral1
Sample
df75e7bd6d2e22d6aed99ccd10e11ea4_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
df75e7bd6d2e22d6aed99ccd10e11ea4_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
df75e7bd6d2e22d6aed99ccd10e11ea4_JaffaCakes118
Size
570KB
MD5
df75e7bd6d2e22d6aed99ccd10e11ea4
SHA1
6f967a2f8ed665123bea67f4ff70f74d931b74d7
SHA256
f0dcf07a8c6cbb790bfba131d4cb2129bfe81aae0abd1fdc85934f352dab3354
SHA512
8cf5c1a009d83dc196b1379538a7001cdba9aa3cb56058b2b4d3656ec7854c4f8fb30b70d0918b6cacb7d42bf1d5e3a65dfe16e9355f6f632ff4f798fc4d7ce6
SSDEEP
6144:Zsg57OkiAvsgeD31usrWRSJwhjVIgaoFQ5RkCCVWw+X/i:ZxQAvshD31vrWRSJwdVCoF9CCVWrX6
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource df75e7bd6d2e22d6aed99ccd10e11ea4_JaffaCakes118
Files
df75e7bd6d2e22d6aed99ccd10e11ea4_JaffaCakes118.exe windows:5 windows x86 arch:x86
32aaeaa44d08899cf4c38c1138bfa2f8
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCurrentProcess
VirtualAlloc
GetProcAddress
LoadLibraryA
GetLastError
WaitForSingleObject
CreateThread
ExitThread
GetExitCodeThread
GetSystemTime
CreateEventA
SetFilePointer
SetStdHandle
GlobalAlloc
RtlUnwind
HeapDestroy
DeviceIoControl
CreateFileA
CloseHandle
WideCharToMultiByte
GlobalReAlloc
GlobalFree
GetModuleHandleA
WriteFile
HeapCreate
FlushFileBuffers
VirtualProtect
Sleep
GetTickCount
user32
MessageBoxA
GetWindowRect
ShowWindow
UpdateWindow
LoadCursorA
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
IsDialogMessageA
TranslateMessage
DispatchMessageA
cfgmgr32
CM_Get_Parent
CM_Locate_DevNodeA
Sections
.text Size: 484KB - Virtual size: 856KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: - Virtual size: 4KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 85KB - Virtual size: 88KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ