JaffaCakes118_93e99f83ba53b9891331439fd45eba2a | Triage

Sharing

General

Target

JaffaCakes118_93e99f83ba53b9891331439fd45eba2a
Size

174KB
MD5

93e99f83ba53b9891331439fd45eba2a
SHA1

46419605c574518f7dcfe308965294204ce139e4
SHA256

cd9c992440a77d5744ad385f4cc90b2163b3f61ca404bdf78344204ca39b6be8
SHA512

989155ccc0831003866e9e1a36a2db85a84fb0dd65f7c6e6f1157cb5eeeb9fb5d937593d497a4b6edd65ef29f2735496f684cb9219995dd7724251c12fc80c46
SSDEEP

3072:yZvrhTo/4qZLpj4/+okzfGhbHbyNBWom11VR9M3pR9SF3qtHNYCro8H5P7liE:XT4/yzOhbuNBfc15MUFatqf8H5hiE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_93e99f83ba53b9891331439fd45eba2a

Files

JaffaCakes118_93e99f83ba53b9891331439fd45eba2a
.exe windows:4 windows x86 arch:x86

e99af006d38c42090bc03c923621999a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushFileBuffers
FreeLibrary
GetThreadIOPendingFlag
InterlockedDecrement
InterlockedIncrement
GetModuleFileNameA
CreateFileW
GetTempPathW
TransmitCommChar
LoadLibraryA
CloseHandle
CreateMutexA
WideCharToMultiByte
EnumResourceNamesW
SetEndOfFile
MultiByteToWideChar
GetProcAddress
GetLastError
CompareStringA
ExitProcess
LoadLibraryW
CompareStringW
WriteFile
IsBadReadPtr
SetStdHandle
SetEnvironmentVariableA

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegSetValueExA
RegQueryValueExA

user32

wsprintfW
GetKeyState
CharNextA
CharUpperA
wsprintfA
MessageBoxA
GetTopWindow
CharLowerA

msimg32

AlphaBlend
TransparentBlt

Sections

.text
Size: 146KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 340KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ