00a005ead704916929f39840a6ffeb8d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

00a005ead704916929f39840a6ffeb8d_JaffaCakes118
Size

747KB
MD5

00a005ead704916929f39840a6ffeb8d
SHA1

b04ecd72818af9f89d52f967a89ecb6b6a82e10a
SHA256

519f34fbe11bceb6f03dfd8988e4f056997ec61ccc01252d6d394d96e043b391
SHA512

1825518c121bc28b3e6ddc4bafae7c43e8f90932fb1bb578a88d63e854f43391c2b59b859ced5eff340565b07fe7d78ba8dfd74ff6097308162aec9c8119ee37
SSDEEP

12288:VfpKfztKOf8CSjQxFU+gvnOh8H3fOD+1LCR4x+vyHc4+5WKObk0WfvcZAs:VfpexTXSjQxv6XZ1tx+vyHc4LnRWfvcy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00a005ead704916929f39840a6ffeb8d_JaffaCakes118

Files

00a005ead704916929f39840a6ffeb8d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e49a8653bce0d239ebc4bdca9e7bfeec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleTitleA
ResetEvent
GetCommandLineW
GetTickCount
GetModuleHandleA
CreatePipe
GetCurrentDirectoryA
CreateMutexA
WaitForMultipleObjects
GetFileAttributesA
GetStdHandle
GetStartupInfoW
DeleteFileA
SetLastError
CreateFileA
CloseHandle
WaitForSingleObject
OpenProcess
HeapSize
GetEnvironmentVariableW
FindClose
SetEvent
ExitProcess
VirtualAlloc
RemoveDirectoryA

user32

GetDC
DispatchMessageW
FillRect
PeekMessageA
DispatchMessageW
GetClassInfoA
GetDC
GetWindowLongA
CallWindowProcW
FindWindowW
GetSysColor
MessageBoxA
GetDC

perfctrs

CloseNbfPerformanceData
CloseNbfPerformanceData
CloseNbfPerformanceData
CloseNbfPerformanceData

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 741KB - Virtual size: 740KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ