01db023e8eaaa3d81a20cbc4d7f90a61_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

01db023e8eaaa3d81a20cbc4d7f90a61_JaffaCakes118
Size

324KB
MD5

01db023e8eaaa3d81a20cbc4d7f90a61
SHA1

46913865ac9f5302397c7d078744199d8d5bc6d0
SHA256

d92ecf2ef5c32896f7ae7ec93096daaa87df635a8cbe335efd42f4ca25782c08
SHA512

0ca9bc6499e02d39170f86a54c8d8dada1cefdaadd044430e736a4f7cb21aad80ed6e0695ae4838d6cd901ef5ff9cc458622b944bcba951dce29d666ff99b148
SSDEEP

6144:+/BzkM9PypigYhhE4oPrCZNvrX8wqvlbHVa28v6MZln1oPZixO:+/BzbXgswGZJrX8wqv91U6cn2PZi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
01db023e8eaaa3d81a20cbc4d7f90a61_JaffaCakes118

Files

01db023e8eaaa3d81a20cbc4d7f90a61_JaffaCakes118
.exe windows:4 windows x86 arch:x86

03ae76cdc9fa7a0221a7b8c5c9d72f02

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

GetDriverModuleHandle
timeBeginPeriod
timeEndPeriod

shlwapi

PathIsRootA
SHDeleteEmptyKeyA
SHDeleteKeyW
SHGetValueW
SHQueryValueExA
SHEnumKeyExW

user32

ReleaseDC

advapi32

RegLoadKeyA

kernel32

HeapAlloc
GetTickCount
GetSystemDirectoryW
GetCurrentDirectoryA
GetWindowsDirectoryA
HeapFree
lstrlenW
GetFileAttributesA
GetCurrentDirectoryW
GetFileType
GetComputerNameA
lstrlenA
GetProcessHeap
CloseHandle
CreateFileMappingA
CreateNamedPipeA
DisconnectNamedPipe
DuplicateHandle
GetConsoleMode
GetMailslotInfo
GetModuleFileNameA
ReleaseSemaphore
GetCurrentProcessId
GetProcessVersion
GetStdHandle
IsSystemResumeAutomatic

msvcrt

rand
toupper

ole32

OleRun

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 272KB - Virtual size: 270KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ