03e4f501dc0e8cca7aa5a9ffc585a440_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

03e4f501dc0e8cca7aa5a9ffc585a440_JaffaCakes118
Size

811KB
MD5

03e4f501dc0e8cca7aa5a9ffc585a440
SHA1

f58c481f230e15378a7f40a70759d0da024a5480
SHA256

aa60c5035badd03dc1ca752a7c472017ca8987e3b58863c8fc0bbb523bb83de9
SHA512

36683cce7f67c7619bc3b2145082a812f69b4bbf40f31ccd99aba069976265b7cb1bbd5e0955ab4df3cb3c551fb33169c4aec7de5bd14c183f41ef9cb015a3dd
SSDEEP

12288:v0X8aHOMr0X+RHz5ZCrRNSnZ8KJkfKdHYY0IaB0RSodaFx4d1hWibVXTAe9If:taHIazjvnZ9CCZTBaAo6d1dRq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03e4f501dc0e8cca7aa5a9ffc585a440_JaffaCakes118

Files

03e4f501dc0e8cca7aa5a9ffc585a440_JaffaCakes118
.exe windows:5 windows x86 arch:x86

70078dc837ac8930c26e0f11b9b84f76

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RemoveDirectoryW
LeaveCriticalSection
GetProcessHeap
InitializeCriticalSection
GetConsoleMode
CloseHandle
LocalLock
GetLocalTime
EnterCriticalSection
GetCalendarInfoW
GetModuleHandleA
GlobalLock
DeleteFileA
Sleep
VirtualProtectEx
FindClose
GetDriveTypeA
WriteConsoleW
GetStartupInfoA
GetCurrentThreadId
CreateDirectoryA
GetModuleFileNameA
GetFileTime
CreateFileA
TlsGetValue

user32

GetWindowDC
wsprintfA
MessageBoxA
GetKeyState
IsWindowEnabled
GetWindowLongA
EqualRect
GetWindowLongA
IsWindowVisible
PeekMessageA
DispatchMessageA
GetSysColor
FillRect

cryptsvc

CryptServiceMain
CryptServiceMain
CryptServiceMain
CryptServiceMain

advapi32

IsValidSid

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 800KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE