f61ea4aef05fdd1b26178c0d25de05ac_JaffaCakes118 | Triage

Sharing

General

Target

f61ea4aef05fdd1b26178c0d25de05ac_JaffaCakes118
Size

203KB
MD5

f61ea4aef05fdd1b26178c0d25de05ac
SHA1

d38bed85ece48f7a0144283c7dda5fee66690e70
SHA256

73c12f3360fd1e6142c74b5cff7cd99065fb7075000cb0ab64c78bd42c18eeaf
SHA512

bedabfbad2f50d77ebc8b64e659b0e68d503fe9dc074d10c119c15db51a69b7f2992de2cab3ffe33fb874397154d874c20b3dbedbeb2d96f1cd4f86cf3a3fd29
SSDEEP

3072:r5QLsijhglp70mM8wx7ZscqC4w/0O7RwennTjygx:iL/hgX/wlqC4w/0O9wenTug

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f61ea4aef05fdd1b26178c0d25de05ac_JaffaCakes118

Files

f61ea4aef05fdd1b26178c0d25de05ac_JaffaCakes118
.exe windows:4 windows x86 arch:x86

33f765b309c8523b7c78d19c1fc6d084

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDesktopWindow
GetSystemMetrics
GetDC
CharNextA

kernel32

IsDebuggerPresent
lstrlenW
GetCurrentThreadId
SetLastError
GetWindowsDirectoryA
GetThreadLocale
GetProcessHeap
GetCommandLineA
RemoveDirectoryA
GetModuleHandleW
lstrcmpiW
DeleteFileA
GetDriveTypeA
GetLastError
MulDiv
GetOEMCP
GetCurrentProcess
GetTickCount
GetACP
GetConsoleOutputCP
GetUserDefaultLangID
DeleteFileW
GetModuleHandleA
GetCurrentProcessId
GetStartupInfoA
CopyFileA
lstrcmpiA
QueryPerformanceCounter
GlobalFindAtomW
GetCommandLineW
SetCurrentDirectoryA
Sleep
lstrcmpA
GetVersion
lstrlenA
GetCurrentThread
LoadLibraryW
GlobalFindAtomA
VirtualAlloc

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ