f668cb4f6fb035460a1aaa7e3edccaf0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f668cb4f6fb035460a1aaa7e3edccaf0_JaffaCakes118
Size

367KB
MD5

f668cb4f6fb035460a1aaa7e3edccaf0
SHA1

2beabfdd1a14b554e91c542d60a798a7b440e323
SHA256

db062a398bc971bc9b0dc810d0063d37ab36b03199a1acec66b10625647768c8
SHA512

370b345f6c14e93ee1e7240a9236b22fc50eb11dcc43030c48fdde7bf81c775827fa2baac2f45b51f828460939cc058adc0d46f49b20ddb408704b88d8b385e9
SSDEEP

6144:DxRMHhrVf/DRauRHlwrFYaN5ino7241GtMqzIXPH8CV+mybPzKP3zUeXm9+r:NRMBrpDneFNzino7IUHybPzQjUeX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f668cb4f6fb035460a1aaa7e3edccaf0_JaffaCakes118

Files

f668cb4f6fb035460a1aaa7e3edccaf0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

33608bc8542b8773820cab5b91c6c1b2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
FindClose
GetDriveTypeW
GetCurrentProcessId
SetLastError
EnumCalendarInfoW
SetEvent
GetNumberFormatW
HeapCreate
lstrlenW
LocalFree
GetModuleFileNameA
GetPrivateProfileStringW
GetConsoleAliasW
TlsGetValue
ResumeThread
FindAtomW
EnterCriticalSection
GetModuleHandleA
GetCurrentThreadId

user32

GetClientRect
GetClassInfoA
DispatchMessageA
GetKeyState
SetFocus
DrawTextA
GetCursorInfo
GetSysColor
DispatchMessageA
GetKeyboardType
GetMenuInfo
CallWindowProcW
IsWindow

wsnmp32

SnmpGetTimeout
SnmpGetTimeout
SnmpGetTimeout
SnmpGetTimeout
SnmpGetTimeout

msasn1

ASN1BERDecBool

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 492KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 357KB - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ