06b901002aa8af8680bc511903ddc6e4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

06b901002aa8af8680bc511903ddc6e4_JaffaCakes118
Size

296KB
MD5

06b901002aa8af8680bc511903ddc6e4
SHA1

e273941dad380325129fd608d8d1cf416aafc70a
SHA256

6ff61dec76c18426b93d4bbeab1b13a186ed5859012b9d96e1fb7f9460083540
SHA512

3c58e62cd1a358015b8fc4aa8a563480c70f198b6ab5d30e0094da2a60324bdeccd41c6a8fc0fe398c668d56ee1aa6676abb64638626251539e85147434f9e3c
SSDEEP

6144:EPGXlz9mQY+K0SQeg9OXUb32OBoAYu03hMtNJ0azS64ygueqrnLPZ:Ph9mB+K/g9xb9B5YqIizDZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06b901002aa8af8680bc511903ddc6e4_JaffaCakes118

Files

06b901002aa8af8680bc511903ddc6e4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e5b4751ba92880f056e7442679d906b4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsDebuggerPresent
HeapCreate
GetCurrentProcessId
GetStdHandle
GetACP
GetCurrentThread
GetProcessHeap
GetTimeFormatA
HeapQueryInformation
HeapDestroy
InterlockedExchange
GetModuleHandleA
GetTapeStatus
GetProcessVersion
GetLogicalDrives
CreateIoCompletionPort
LoadLibraryExA
GlobalMemoryStatus
VirtualProtect
GetEnvironmentStringsA
WaitForSingleObject

user32

GetWindow
DragDetect
wsprintfA
BeginPaint
DrawTextA
EndPaint
GetParent
GetClassNameA
SetActiveWindow
FrameRect
GetWindowTextLengthA
GetCursorPos
FillRect
ShowWindow
GetDlgItem
GetTitleBarInfo
SetForegroundWindow
GetFocus
ReleaseDC

advapi32

RegSetValueExA
RegEnumKeyA
RegCloseKey
RegCreateKeyA
RegFlushKey

setupapi

SetupCloseLog

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ