4377b508582e75983baf189bf8d8d7fd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4377b508582e75983baf189bf8d8d7fd_JaffaCakes118
Size

433KB
MD5

4377b508582e75983baf189bf8d8d7fd
SHA1

71cd2f816831ca13afa2f87c277b5381129c7c40
SHA256

af4cb94bef8c1799478d49889ae6b2f041526ab013d2406bf6d89ddeff9892f3
SHA512

0aa7227d71e53e135d3efc05d93ff2480a6044473edd1f6bcf780692324bf593d0389feea70423172fb2388a02de310238b87c92304a24f89a57004004010b54
SSDEEP

12288:z9xEcZJSi6FBCRfSuR+ybSMLPytF7R5eVc0K:z9bZJSRCfJtbSML2R5Ac

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4377b508582e75983baf189bf8d8d7fd_JaffaCakes118

Files

4377b508582e75983baf189bf8d8d7fd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

66ff5e65317b9c815d6c1dfad84a0a19

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReleaseMutex
Sleep
DeleteFileA
CreateFileA
SetLastError
GetTickCount
GetCurrentDirectoryA
HeapCreate
GetStartupInfoW
GetModuleHandleA
GetFileSize
GetLocalTime
GetFileAttributesW
WaitForSingleObject
CloseHandle
CreateMutexW
GetStdHandle
ExitProcess
GetTickCount
GetEnvironmentVariableA
OpenThread
FindClose
RemoveDirectoryW
HeapSize
WaitForMultipleObjects

user32

GetDC
DispatchMessageW
GetDC
CallWindowProcW
GetCursorPos
GetWindowLongA
GetDC
GetDC
GetSysColor
DispatchMessageW
PeekMessageA
GetClassInfoA
MessageBoxA

wshcon

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 624KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 428KB - Virtual size: 427KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ