dfba57df64c536afe317403945f56ef9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dfba57df64c536afe317403945f56ef9_JaffaCakes118
Size

636KB
MD5

dfba57df64c536afe317403945f56ef9
SHA1

667d7f95d6a712c797d9398ca8b9a872b466f397
SHA256

be346f836da20a5bb115a7b7ccde772ba2339271c1f204776c495975344c5ba0
SHA512

d22dfd4452b277fc62270aa0da8d0f5eee73bc47cf1b082bf53f2716ce9c9f8d45222f18b24682fadb21936434f46a20d84295745a88c1a02a8f1027b6ad7f7a
SSDEEP

12288:Il35qKJTNbGd/XvrvBxZIZuJbr9CUcb8ZnyALtqV67pTFD1lmphaHSb:aTBS/XvrnZCsQZb89p86z106HSb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dfba57df64c536afe317403945f56ef9_JaffaCakes118

Files

dfba57df64c536afe317403945f56ef9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

48ca31a374ceb51adbd1b652a211505c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileMappingA
CreateThread
GetCommConfig
GetTimeFormatA
HeapCreate
GetACP
HeapDestroy
CreateHardLinkA
LoadLibraryExA
GetModuleHandleA
InterlockedExchange
VirtualProtect
GetThreadPriority
GetStdHandle
DeleteAtom
IsDebuggerPresent
GetEnvironmentStringsA
GetCurrentProcessId
GetCurrentThread
GetLogicalDrives
GetCurrentProcess

user32

ReleaseDC
BeginPaint
GetCursorPos
GetTitleBarInfo
GetClassNameA
FillRect
GetFocus
GetWindowTextLengthA
FrameRect
GetDlgItem
GetWindow
DragDetect
EndPaint
SetActiveWindow
ShowWindow
wsprintfA
GetParent
SetForegroundWindow
DrawTextA

advapi32

RegFlushKey
RegEnumKeyA
RegCloseKey
RegQueryInfoKeyA
RegCreateKeyA

clbcatq

CoRegCleanup

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ