ea01135b42824c53bbdf81b44cc44956_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ea01135b42824c53bbdf81b44cc44956_JaffaCakes118
Size

73KB
MD5

ea01135b42824c53bbdf81b44cc44956
SHA1

906a2dcc2af7726f4cd61e460cb4791f33aa5536
SHA256

8df0c7877f4e26fc7a46153bd20d1ca44b8f01f02cb3e42d87a4f0be3aff142a
SHA512

f0b44655726c6c1953d332354bd1ec486e8ca6a2bd8ccaf26c80897afa9e08dfdf3e638df021c1aa9530788846127afdb6fd081bef1933a2fd2081a83903f432
SSDEEP

1536:Y2h/nDzEiqFy169iji94+h3yPkgKb2Ur64Mw/m:lh/DzwFl9ij64a3VgKb2fwu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea01135b42824c53bbdf81b44cc44956_JaffaCakes118

Files

ea01135b42824c53bbdf81b44cc44956_JaffaCakes118
.exe .js windows:4 windows x86 arch:x86 polyglot

8a70938c3c497b4d2bab0caf549cc922

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExA
RegOpenKeyExA
GetUserNameA
RegCloseKey
RegSetValueExA

user32

GetWindowRect
GetSystemMetrics
GetDesktopWindow
wsprintfW
wsprintfA

ole32

CoCreateGuid
StringFromGUID2

ws2_32

WSAStartup
WSCInstallNameSpace

kernel32

IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
lstrcpyA
DeleteFileA
CloseHandle
GetVersionExA
GetFileTime
GetModuleHandleA
GetSystemDefaultLangID
GetComputerNameA
CreateFileA
lstrlenA
lstrcpynA
HeapAlloc
GetProcessHeap
SetFileTime
WriteFile
GetSystemDirectoryW
WideCharToMultiByte
GetSystemDirectoryA
lstrcatA
MultiByteToWideChar
GetProcAddress
VerLanguageNameA
LoadLibraryA
GetSystemInfo
RtlUnwind

shell32

SHFileOperationA

Sections

.text
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ