04f4f3cc3be543eb0f080bd40e3fb53b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

04f4f3cc3be543eb0f080bd40e3fb53b_JaffaCakes118
Size

4.5MB
MD5

04f4f3cc3be543eb0f080bd40e3fb53b
SHA1

9b37e9d474914eede56fcbc4a131de01c957f06a
SHA256

b2de5464ab14ae11004e7e08bbfa194bf20a5cfeb3facc6767d5239d7dc92465
SHA512

bc494a7d65cb42ced6ca2264a36a300efe7e8bcc666b6a7658eeabd6b3c4d762c0c37545f9b9679d5cb234b449a9fe904dd6f553ed9d8248665389aea2f1e48a
SSDEEP

49152:iqJHLJK3d+TFY2HzVQ6KoDmGERM/TLN8Cbn:iyHgN+TpJDWRaLNL7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04f4f3cc3be543eb0f080bd40e3fb53b_JaffaCakes118

Files

04f4f3cc3be543eb0f080bd40e3fb53b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

759c64956bb9d5966a0ea13df192bc06

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStringsW
LocalFree
MultiByteToWideChar
ReleaseMutex
GetFileSize
TerminateProcess
GetVersionExW
TlsFree
OutputDebugStringA
RaiseException
TlsAlloc
LocalAlloc
FreeLibrary
VirtualFree
GetACP
HeapFree
CreateFileA
InitializeCriticalSection
GlobalAlloc
HeapAlloc
GetModuleFileNameW
lstrcmpiW
lstrcatW
GetLocaleInfoW
GetLastError
CopyFileExA
GetSystemInfo
lstrlenA

user32

MoveWindow
GetClientRect
GetSystemMetrics
GetWindowTextW
SendDlgItemMessageW
GetWindowLongW
CharUpperW
GetWindow
DestroyIcon
GetMessageW
PostThreadMessageW
GetKeyState
SystemParametersInfoW

gdi32

CreateDIBitmap
GetTextAlign
TranslateCharsetInfo

advapi32

GetSidSubAuthority
CryptSetKeyParam
GetUserNameA
RegEnumKeyA
DeregisterEventSource
CloseServiceHandle

Sections

.text
Size: 3.8MB - Virtual size: 3.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ