1426465509f3cde4b34178b4892076c9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1426465509f3cde4b34178b4892076c9_JaffaCakes118
Size

213KB
MD5

1426465509f3cde4b34178b4892076c9
SHA1

c0a9ea8ea9d2e28eef0b7bf8f2695ba0ecb1f60f
SHA256

e81e3fb2bb3cf7b026913a1c787774fecb94738ebc96dcb98926daa83cfa5d70
SHA512

7c8fbdd5458f27db95469d6b5f6daca5949d3ad3c80c41a9e268631098b5a0d316198f62a6d4d4da1edb84da6635970ccca38f2f51bcb08aeff6df122bbaef14
SSDEEP

3072:m3k70oDt1S0xRk3kfmxKKLqsYcMUEtfagDUGo4Yn5SStLmSp5j6GizfiVKzAS1Ns:m3Ct7h+4K+s5MUEIgD08oqQsGizfDv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1426465509f3cde4b34178b4892076c9_JaffaCakes118

Files

1426465509f3cde4b34178b4892076c9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

15a9a79a989e92ef5d5d84fe443b891c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

setupapi

SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

user32

RegisterClassExA
InvalidateRect
IsChild
GetParent
IsWindow
BeginPaint
EndPaint
PtInRect
UnionRect
GetClientRect
GetKeyState
SetFocus
GetFocus
UnregisterClassA
IntersectRect
RealGetWindowClassA
CallWindowProcA
CreateWindowExA

kernel32

CreateFiber
HeapReAlloc
InterlockedCompareExchange
UnhandledExceptionFilter
IsProcessorFeaturePresent
GetProcAddress
LoadLibraryA
TerminateProcess
ResumeThread
GetACP
EnumResourceNamesA
VirtualQuery
HeapSize
GetLocaleInfoA
SetUnhandledExceptionFilter
RtlUnwind
ExitProcess
VirtualProtect
SetThreadPriority
HeapAlloc
VirtualAlloc
GetCommandLineA
VirtualFree
GetSystemInfo
HeapDestroy
WriteFile

Sections

.text
Size: 193KB - Virtual size: 193KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ