f28b3f3e8138c0b52a8a5c087297cd91_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f28b3f3e8138c0b52a8a5c087297cd91_JaffaCakes118
Size

188KB
MD5

f28b3f3e8138c0b52a8a5c087297cd91
SHA1

8980bcbf08d71257401252833098a3ef21c18952
SHA256

e752cc6f752e78ff8a5e519e1bd4646474211044e892485f66b832ebc5412ecf
SHA512

39d7abf648880d0aacfd09c691d1d28391fa47dc0810e8a917db53be843e6b48e9c41af92fe8838a7919cf6ccb6addb6cf982fc81240d381f7103c839387fa24
SSDEEP

3072:RgNRck/dULKfLerj1fCOOsAkMzUljQcQmGP/K2PSHEPJbyeOwy1Sd:RSRck/dUkLerVOiaUJQsGP/KExx+Sd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f28b3f3e8138c0b52a8a5c087297cd91_JaffaCakes118

Files

f28b3f3e8138c0b52a8a5c087297cd91_JaffaCakes118
.exe windows:4 windows x86 arch:x86

115d259197c096c38795b312e87d95ba

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedExchange
GetStdHandle
GetConsoleCP
HeapReAlloc
CloseHandle
CompareFileTime
LoadLibraryExW
HeapCreate
GetModuleHandleA
GetProfileIntA
WaitForMultipleObjects
GetTickCount
AddAtomA
VirtualProtect
lstrlenA
GlobalUnlock
WaitForSingleObject
GetVersion
SuspendThread
GetSystemDefaultLangID
GetCommandLineA

user32

DispatchMessageA
DragObject
CreateCursor
SetScrollInfo
GetDlgItem
InvertRect
InsertMenuA
GetKeyboardLayout
CreateCaret
DialogBoxParamA
DrawCaption
DestroyMenu
GetCursorInfo
FindWindowA
CopyRect
SetPropA
MessageBoxA
CopyImage
SetWindowPos
EnableScrollBar
CreateIcon
GetKeyState
CreateMenu
IsDialogMessage

advapi32

RegCreateKeyExA
RegCloseKey
RegEnumKeyA
RegQueryInfoKeyA
RegEnumValueA

apphelp

GetPermLayers

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 540KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ