ffee917f667dd13a1f4b152d2e23bbbe_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ffee917f667dd13a1f4b152d2e23bbbe_JaffaCakes118
Size

367KB
MD5

ffee917f667dd13a1f4b152d2e23bbbe
SHA1

9c0764d14b69cc0ff214fcdf9fa068db8de54096
SHA256

93e910b7e49f1fa0876f8f259b27ccd00a3e09a43af1e6137c46f714856b3b53
SHA512

43723b76bfd3e0fe40f14caa4584c73355b23ec8337d4dd15e712b954e0efdc4bf1ddcc5a7673f3985351428102e9b32d9221bd3755344385120681c5059b1c6
SSDEEP

6144:petTRM+hrVf/DRauRHlwrFYaN5ino7241GtMqzIXPH8CV+mybPzKP3zUeXm9+r:MtTRMwrpDneFNzino7IUHybPzQjUeX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ffee917f667dd13a1f4b152d2e23bbbe_JaffaCakes118

Files

ffee917f667dd13a1f4b152d2e23bbbe_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f14045c6defd4c7440237562802307f8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
GetModuleFileNameA
LocalFree
ResumeThread
FindAtomW
GetDriveTypeW
GetCurrentThreadId
EnumCalendarInfoW
SetEvent
SetLastError
GetCurrentProcessId
lstrlenW
GetNumberFormatW
TlsGetValue
GetModuleHandleA
EnterCriticalSection
FindClose
HeapCreate
GetConsoleAliasW
GetPrivateProfileStringW

user32

DispatchMessageA
IsWindow
SetFocus
CallWindowProcW
GetKeyState
GetSysColor
DispatchMessageA
GetKeyboardType
GetMenuInfo
GetClassInfoA
GetCursorInfo
DrawTextW
GetClientRect

wsnmp32

SnmpGetTimeout
SnmpGetTimeout
SnmpGetTimeout
SnmpGetTimeout
SnmpGetTimeout

msasn1

ASN1BERDecBool

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 492KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 357KB - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ