f07e48dcb33233821b07d107ab2e6fdf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f07e48dcb33233821b07d107ab2e6fdf_JaffaCakes118
Size

320KB
MD5

f07e48dcb33233821b07d107ab2e6fdf
SHA1

e60d2237c59de696a3504ec9723ee7d61d37bd34
SHA256

f522d5a47f89d15c13ece1d78b3ae4fe8f64495b378ab74255bd7f36acdc1097
SHA512

e6d89611e8878f2d83679c4e6589d8356f5fd8d1d4855cc91d249731b7cee847367e97791f55c04def15c900995dbd610f8d8591a8812912cb5945f9ceac39b1
SSDEEP

6144:O5kht377UyZ/CcmzRmwkCLSvGlTceQUtloiGnB3jtlS3XRDeuyrNkiH6:sW37JqUwkZGEUDYZGXRDnW6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f07e48dcb33233821b07d107ab2e6fdf_JaffaCakes118

Files

f07e48dcb33233821b07d107ab2e6fdf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2bc8916a63031e46398eceb067336f20

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedExchange
GetTapeStatus
IsDebuggerPresent
CreateHardLinkA
GetStdHandle
GetModuleHandleA
DeleteAtom
GetACP
GetCommConfig
LoadLibraryExA
GetEnvironmentStringsA
GetCurrentThread
GetTimeFormatA
VirtualProtect
HeapDestroy
HeapCreate
GetLogicalDrives
CreateFileMappingA
WaitForSingleObject
GetCurrentProcessId
GetProcessVersion

user32

GetWindowTextLengthA
ReleaseDC
BeginPaint
SetActiveWindow
GetTitleBarInfo
wsprintfA
GetWindow
DragDetect
SetForegroundWindow
GetParent
GetClassNameA
ShowWindow
GetCursorPos
FillRect
GetFocus
GetDlgItem
FrameRect
EndPaint
DrawTextA

advapi32

RegCloseKey
RegFlushKey
RegSetValueExA
RegCreateKeyA
RegEnumKeyA

setupapi

SetupCloseLog

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 720KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ