Static task
static1
Behavioral task
behavioral1
Sample
18509700ac15db7aaa2680ee8d61e5f5_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
18509700ac15db7aaa2680ee8d61e5f5_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
18509700ac15db7aaa2680ee8d61e5f5_JaffaCakes118
Size
44KB
MD5
18509700ac15db7aaa2680ee8d61e5f5
SHA1
1a967edd785079ddf2d3e52288c3cac468130956
SHA256
e652099c8e331f70b16ef52e57469b68ac27ff90efd0c0600d1abd9ef9021d5a
SHA512
7881ff4b9a2c6f381e7701db012c2a852b91844d6904d4de9f5bdfe0a9bae17fccd93da1db99ed0deb6cb2ad33335a974c310f355fed7da2b8f3ccfed51ef54c
SSDEEP
768:TDbKVntsy5ZwwD0BKYgFXc2eu9UheVsFeXI4tuo6AC4qku40IuueDJsh0okc:3g9wwR522e6UAxYQn6AC4qG0IuTJsh6c
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 18509700ac15db7aaa2680ee8d61e5f5_JaffaCakes118
Files
18509700ac15db7aaa2680ee8d61e5f5_JaffaCakes118.exe windows:4 windows x86 arch:x86
50a7ac78072658495d7f21706cc11109
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegCloseKey
kernel32
HeapAlloc
HeapDestroy
GetTickCount
GetStringTypeA
GetThreadLocale
LocalFileTimeToFileTime
GetTempPathA
GetFileAttributesW
GetACP
SetStdHandle
GetVersion
SetConsoleCP
ExitProcess
VirtualProtect
GetModuleHandleA
CopyFileA
Sleep
GetStartupInfoA
CreateFileW
GlobalFree
DeviceIoControl
GetOEMCP
HeapSize
gdi32
SaveDC
user32
IsWindow
PostMessageW
GetWindowThreadProcessId
SetForegroundWindow
EnumThreadWindows
GetWindowLongA
EndDialog
msvcrt
strchr
??0exception@@QAE@ABQBD@Z
_initterm
ole32
CreateStreamOnHGlobal
Sections
.text Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 33KB - Virtual size: 63KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE