4651d34d4cbd415bd9f0040f0432c772_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4651d34d4cbd415bd9f0040f0432c772_JaffaCakes118
Size

110KB
MD5

4651d34d4cbd415bd9f0040f0432c772
SHA1

9b722bea2a804a4af693498eaeafe239f76013c0
SHA256

a67bbe95622a055cb8d0cafd28d8bbb6d64146e36460393aa0a226f5221c2b55
SHA512

e68c5478bb71f6d86dcd1f1e7c46646693eb7ad8d1b9e57f4613afbb5627a7cd27745c8bac60cfb81ca71fa79ee0884629bebe3d34827a4669d9369544bacd47
SSDEEP

3072:sjUPDPXy2uzDTJ+nxdr/Ejed+o+sNYFfP:yUOninYednfE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4651d34d4cbd415bd9f0040f0432c772_JaffaCakes118

Files

4651d34d4cbd415bd9f0040f0432c772_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8cedc9b8ef28a3cd682df41e0d113b5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsFree
GetEnvironmentStrings
CreateThread
QueryPerformanceCounter
GetFileType
LCMapStringW
EnterCriticalSection
GetCommandLineA
VirtualFree
LoadLibraryA
lstrlenW
VirtualAlloc
GetSystemTimeAsFileTime
GetModuleFileNameW
SizeofResource
GetDriveTypeW
HeapFree
WideCharToMultiByte
ExitProcess
FreeLibrary
HeapReAlloc
GetProcAddress

msvcrt

_wcsicmp
malloc
_initterm
_adjust_fdiv
__wgetmainargs
wcstoul

user32

GetParent
SetFocus
GetWindowTextLengthW
DrawTextW
SetWindowPos
GetClientRect

advapi32

RegOpenKeyA
RegQueryValueExW
RegCloseKey

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ