ff69ccabfefe30acfc75d96f7d219e21_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ff69ccabfefe30acfc75d96f7d219e21_JaffaCakes118
Size

8KB
MD5

ff69ccabfefe30acfc75d96f7d219e21
SHA1

5ec2749cc85f7ea5889a06ffc027611a9dcd9f78
SHA256

a3301d62e9c02321b6bb52e71e69dcceaaa47fe5459783a9639f6914d93cca44
SHA512

1d5863ded6507e7ecd2118e276838c8422b302aaca3ae098bba1bafe3083d42090dff7267504a8a4e521a0733c8385600bd214d6f3b2fbbb848f8ed46578bbe1
SSDEEP

96:t5PCLeZhbHT95Cff9V7xGKZ2BnFnVQlp9abaHHWq0xfDUpfdn:tBlhbJ5CfLsK2FV6qWnWPNDUpfdn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff69ccabfefe30acfc75d96f7d219e21_JaffaCakes118

Files

ff69ccabfefe30acfc75d96f7d219e21_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8e19a1b22dc2b985bcd77e6a1b1fbad8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPriorityClass
TlsFree
GlobalFindAtomA
LocalHandle
GetConsoleCP
GetThreadLocale
GetModuleHandleA
GetUserDefaultLangID
GetVolumeInformationA
CreateThread
VirtualAlloc
OpenSemaphoreA
TlsGetValue
GetProcessHeap
ReleaseMutex
GetOEMCP
CompareStringA
LocalAlloc
GetStdHandle
SetEvent
LoadResource

user32

IsWindowVisible
GetWindowTextA
GetClassInfoExA
GetSystemMetrics
ValidateRect
ShowWindow
ReleaseDC
GetActiveWindow
CloseWindow
GetWindow
GetClassNameA
InvalidateRect
RegisterClassA
GetForegroundWindow
GetWindowTextLengthA
GetDC
DrawTextExA
GetFocus
IsIconic

shell32

SHGetFileInfoA
SHGetMalloc
SHChangeNotify
SHBrowseForFolderA
SHGetFolderPathA

userenv

LoadUserProfileA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 892KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ