f65a70d9b1f375b2a1c324a4ed95bc16_JaffaCakes118 | Triage

Sharing

General

Target

f65a70d9b1f375b2a1c324a4ed95bc16_JaffaCakes118
Size

819KB
MD5

f65a70d9b1f375b2a1c324a4ed95bc16
SHA1

9cca8db5362ea5bc6707f46cafaa9a98ba0c58b0
SHA256

51f0ee12d57cbd4e2c2dd5b39a6da963884c087f6dd4e54d37ee53c8ccddc90c
SHA512

1341decae04f75a2c08a25d06877bc9956f81af8bbc9c9ee9b598a4c1827e6d903125e41a626dd115f9c8aa9e3b3e7a4c01d1a4805583fc2115e0eca5c1ed744
SSDEEP

24576:nomRMyCDoBqb4jH1lojRhvhtdtKo7k2Fp1jWq9ZVfRZe5cBWM:omRMyIoBqb4jHboVhTdtjwm1jWqZze56

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f65a70d9b1f375b2a1c324a4ed95bc16_JaffaCakes118

Files

f65a70d9b1f375b2a1c324a4ed95bc16_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c0d023e76ee50f62e7866d68448275f9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEvent
InitializeCriticalSection
GetPrivateProfileStringA
LocalFree
GetCurrentProcessId
GetDriveTypeA
LoadLibraryW
CloseHandle
lstrlenW
ResetEvent
ReleaseMutex
GlobalFlags
GetCurrentThreadId
GetEnvironmentVariableW
CreateEventW
GetLocalTime
HeapCreate
IsBadStringPtrA
WriteFile
GlobalFree

user32

GetKeyboardType
GetClientRect
EndDialog
DispatchMessageA
CreateWindowExA
DrawStateW
GetCursorInfo
GetSysColor
IsWindow
CallWindowProcW
SetFocus
GetSysColor
GetClassInfoA

msident

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

advapi32

InitializeSid

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 808KB - Virtual size: 807KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ