372144d2236d89faf255109a4e5c73a9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

372144d2236d89faf255109a4e5c73a9_JaffaCakes118
Size

61KB
MD5

372144d2236d89faf255109a4e5c73a9
SHA1

f26ab51eb4c8d1f308e5eb6468e0732ae50436f5
SHA256

12d777b3a73ce596292f88a352ee5f9e475b0a929b867c8d006a6e02d1a01519
SHA512

87665211b495e6e2b12fef2b164807c08b5c43366f338fcc87c3184a08d6444264f68d22c309b368e8dd0cab303f02c92832d8529e6c848c21636d48b7e7b88c
SSDEEP

1536:igRAx1Tz8PdblSWIJeNyKLy+fTrm5/mZTz2TTv40:1RA7cPdPIJeNTdJz2TTt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
372144d2236d89faf255109a4e5c73a9_JaffaCakes118

Files

372144d2236d89faf255109a4e5c73a9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2d5697f393587666331ddbcad29e23f1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
GetWindowsDirectoryA
GetCurrentThread
IsBadStringPtrA
QueryPerformanceCounter
GetSystemDirectoryA
GetSystemTime
GetSystemTimeAsFileTime
GetSystemInfo
GetTimeZoneInformation
GetSystemTimeAdjustment
AreFileApisANSI
GetProcAddress
GetVersion
GlobalMemoryStatus
VirtualAlloc
VirtualProtect
GetCurrentProcessId
GetEnvironmentStrings
GetLogicalDriveStringsA
LoadLibraryA
GetModuleHandleA
GetCurrentThreadId
GetStartupInfoA
GetLastError
IsBadWritePtr
IsBadCodePtr
GetComputerNameA
GetConsoleCP
GetConsoleOutputCP
GetCurrentDirectoryA
GetProcessHeap
GetDiskFreeSpaceExA
GetVolumeInformationA
lstrcpyA
GetCommandLineA
TerminateThread

user32

GetDesktopWindow
GetDoubleClickTime
GetForegroundWindow
IsWindow
GetFocus
GetKBCodePage
GetKeyboardType
GetCapture

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 45KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE