07ee035bb21b5ca134bb5155efd47c3a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

07ee035bb21b5ca134bb5155efd47c3a_JaffaCakes118
Size

17KB
MD5

07ee035bb21b5ca134bb5155efd47c3a
SHA1

04badf56a38483a2c2409d2851fa16af8ebf662f
SHA256

099a4b99b631f9f2c855fe8e1d2c9889bdfd1e36d3d6dfb0ad921960fa1a97e8
SHA512

59eeb700f6f0e94853f787664951745de49a712a72fb7997d8f6f9d1cdc3a336a25046e2fb27db410b38fb9918d358702b43537ea4844e120507346a1377ba1b
SSDEEP

192:SEvdNVx6e6jhsfCh8xuxnMSFAqhcvh+fPXgwUUdvjEv:hvdNV4Lj+CWcdNrcvhCgwUUdvjg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07ee035bb21b5ca134bb5155efd47c3a_JaffaCakes118

Files

07ee035bb21b5ca134bb5155efd47c3a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f1cef812f991060a9ea3cadabd13c01e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsSetValue
IsDBCSLeadByte
lstrcmpA
GetSystemDefaultLangID
FreeLibrary
TlsFree
GetCurrentProcess
GetCurrentProcessId
lstrcatA
GetCurrentThreadId
GetSystemDefaultLCID
GetModuleHandleW
VirtualAlloc
GetACP
GetDriveTypeW
TlsAlloc
GetModuleFileNameA
GetLogicalDrives
GetCurrentThread
GetCommandLineA
TlsGetValue

user32

RegisterClassA
CreateWindowExA
ReleaseDC
GetFocus
GetForegroundWindow
ShowWindow
GetWindow
GetActiveWindow
IsWindowVisible
GetClassLongA
GetWindowTextA
UpdateWindow
GetWindowTextLengthA
GetSystemMetrics
GetWindowLongA
BeginPaint
IsIconic
GetWindowDC
GetDC

shell32

StrRChrA
StrChrIA
StrCmpNA
StrChrA
StrRChrIA
StrCmpNIA

msctf

DllGetClassObject
TF_GetThreadFlags
DllRegisterServer
DllCanUnloadNow

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ