f012f72904d3221b0b5c04a51eb01452_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f012f72904d3221b0b5c04a51eb01452_JaffaCakes118
Size

29KB
MD5

f012f72904d3221b0b5c04a51eb01452
SHA1

1f56a8e6329ba8b3beb98596de2fcfde97b5ab9e
SHA256

8cb6f519d13cd7afac17bdee001e2c5c1aa6e05e75acf369b454513d005b0aad
SHA512

c2ea35d1d2495313b60a7f50f9a7835b786e3b64214ad87076fb3375ee91e5a80b10f68fe0b82ca5401cd5b404101e5f1b64539dc131e1f43521020351912825
SSDEEP

384:6mL1JCgHl2UaXa348YHS3gyYgXdlQVgYGj3kKjv5NsxvYFm4FNQvjjUexqe9ChJc:77FWE4xyPYedeVLGwk5Ngvkexqe9WjPI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f012f72904d3221b0b5c04a51eb01452_JaffaCakes118

Files

f012f72904d3221b0b5c04a51eb01452_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7c4db7b7190edd02027df7ff7053902b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
GetModuleHandleW
LocalAlloc
lstrcatA
VirtualAlloc
lstrcpyW
lstrcpynA
GetCommandLineW
lstrcpynW
VirtualProtect
LoadLibraryA
GetACP
VirtualProtect
lstrcmpA
lstrcmpW
lstrcpy
GetTickCount
GetCurrentThreadId
QueryPerformanceCounter
lstrcat

user32

GetSystemMetrics
CheckMenuItem
MoveWindow
GetWindowTextA
GetMenu
GetWindowTextLengthW
UpdateWindow
GetSystemMenu
LoadStringW
GetForegroundWindow
GetWindowTextLengthA
IsWindowEnabled
CharUpperA
LoadCursorW
LoadCursorA
CheckRadioButton
LoadMenuW
DefWindowProcA
GetWindowLongA
SendMessageW
SetCapture
GetMessageW
CreateWindowExA
GetParent
EnableWindow
ReleaseDC
ShowWindow
DestroyWindow
GetWindowLongW
ChangeMenuW
SetTimer
UpdateLayeredWindow
GetCapture
GetKeyState
PostMessageW
LoadIconA

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 988B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ