ecdf079f479404476464e9856548bc21_JaffaCakes118 | Triage

Sharing

General

Target

ecdf079f479404476464e9856548bc21_JaffaCakes118
Size

636KB
MD5

ecdf079f479404476464e9856548bc21
SHA1

990a8e0cc6cdd778cf6ab6b8e164a1183c038efe
SHA256

f5cdc7b92f3c1a1c7b44b8803b743ccc750923e73c6362f622cb576c495dd6ff
SHA512

be921dd596992ab055e3cc1ab7ea08eb774351ce669371d5fa622132d7b000b3518fc8bd1eed02899302e0d517c218560b7aaad4a922ce3240def76237c1dbbf
SSDEEP

12288:zkxkB3WHQjD4JIVhFpDT0o63+wiaAslHUX5DeBEhpe6VGb5+cSABkz6:zRUwD4JSFpJ6OwiaXHUqEhQDbETABk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ecdf079f479404476464e9856548bc21_JaffaCakes118

Files

ecdf079f479404476464e9856548bc21_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0b25006baf7fc105615ddb1147f41627

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
GetConsoleCP
WaitForSingleObject
SetConsoleCP
CloseHandle
HeapReAlloc
GetSystemDefaultLangID
HeapCreate
VirtualProtect
GlobalUnlock
GetVersion
InterlockedExchange
LoadLibraryExA
WaitForMultipleObjects
GetTickCount
GetModuleHandleA
GetCommandLineA
CompareFileTime
lstrlenA
GetAtomNameA
SuspendThread

user32

FindWindowA
InvertRect
SetPropA
CreateMenu
CreateIcon
GetKeyState
DrawCaption
CopyImage
SetScrollInfo
GetCursorInfo
DestroyMenu
FillRect
InsertMenuA
DragObject
DialogBoxParamA
GetKeyboardLayout
DispatchMessageA
IsDialogMessage
EnableScrollBar
GetDlgItem
CreateCursor
SetWindowPos

advapi32

RegEnumKeyA
RegEnumValueA
RegCreateKeyExA
RegCloseKey
RegQueryInfoKeyA

uxtheme

GetThemeColor

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ