f77a471823c9fb78a7869f9cf581dc61_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f77a471823c9fb78a7869f9cf581dc61_JaffaCakes118
Size

203KB
MD5

f77a471823c9fb78a7869f9cf581dc61
SHA1

f5bfd5e81f71d2d74515fb8d6ad01772f3fdb345
SHA256

7f1f45e6ba08b1dfc9784db462e8708f857911b9504e9d5b1bfb7b488c11cd77
SHA512

db468f9b6e17dfa7e0165e54f81235d6f5f55542ceb24c8f72174a8aa785b23d7b12e623d55f0e7c243df56470025154ee423403ef5d2a46194009c4b90c6b04
SSDEEP

6144:UZTOiFTzsVNjxq7WBdODi94TN8o7K8htNWl3clUP9:UEiFTzsVpxqzNl7K8htNWl3clUP9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f77a471823c9fb78a7869f9cf581dc61_JaffaCakes118

Files

f77a471823c9fb78a7869f9cf581dc61_JaffaCakes118
.exe windows:4 windows x86 arch:x86

67ad866ea3cc71dbab64398f7287b76b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDefaultLangID
GlobalUnlock
GetConsoleCP
WaitForSingleObject
GetTickCount
CloseHandle
HeapReAlloc
InterlockedExchange
GetCommandLineA
HeapCreate
GetModuleHandleA
lstrlenA
GetVersion
VirtualProtect
LoadLibraryExW
WaitForMultipleObjects
SuspendThread
GetStdHandle
GetProfileIntA
AddAtomA
CompareFileTime

user32

SetWindowPos
DrawCaption
DragObject
GetKeyboardLayout
SetScrollInfo
CopyRect
FindWindowA
DialogBoxParamA
CreateIcon
GetCursorInfo
DestroyMenu
CopyImage
EnableScrollBar
CreateCursor
MessageBoxA
GetKeyState
InsertMenuA
InvertRect
IsDialogMessage
GetDlgItem
CreateCaret
CreateMenu
DispatchMessageA
SetPropA

advapi32

RegEnumKeyA
RegCloseKey
RegQueryInfoKeyA
RegEnumValueA
RegCreateKeyExA

apphelp

GetPermLayers

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 548KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ