0140f214df84f3b76a091b6c8a9bf47f_JaffaCakes118 | Triage

Sharing

General

Target

0140f214df84f3b76a091b6c8a9bf47f_JaffaCakes118
Size

48KB
MD5

0140f214df84f3b76a091b6c8a9bf47f
SHA1

ad85b000e063b1d1960797e07dfd56482d365526
SHA256

97b9be5b9476c05327cc0eb5379b35ae9e8975dc9d3222dc562a2e7f47e7cc64
SHA512

553ec6aa460a9809c371442ec4e8b34c78a8fe50fda676fd13edd3905a711bdc01cc00b7f387a94977948a361f7e6e9e0757551e391f1c3f4d82ffe99339e59f
SSDEEP

768:83Mpzgr3sCrhJQENb/ZIWc4F6p1GdZBXSCPFWd9FNKxM6Csii7qswsKCu5c:4cUrNnNb4SdaCP43Kb2swjCu5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0140f214df84f3b76a091b6c8a9bf47f_JaffaCakes118

Files

0140f214df84f3b76a091b6c8a9bf47f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ea18dc8247b1d71f350a108efe3940d5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateIoCompletionPort
CreateMailslotW
EraseTape
ExitProcess
GetCurrencyFormatA
GetFileAttributesW
GetProcessHeaps
GetProfileStringW
GetSystemDirectoryW
GetSystemInfo
PostQueuedCompletionStatus
QueryPerformanceFrequency
WriteTapemark

advapi32

IsValidSecurityDescriptor
LookupSecurityDescriptorPartsA
OpenSCManagerA
RegDeleteValueW
RegSaveKeyA

user32

ChangeMenuW
CreateMDIWindowW
DrawAnimatedRects
GetDlgItemInt
GetScrollRange
LoadAcceleratorsW
LoadMenuA
MoveWindow
RegisterSystemThread
ReplyMessage
ReuseDDElParam
SetMessageExtraInfo
SetWinEventHook
ShowCaret
UserClientDllInitialize

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 47KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE