0366beab5c894eb9e9054f0347b64a93_JaffaCakes118 | Triage

Sharing

General

Target

0366beab5c894eb9e9054f0347b64a93_JaffaCakes118
Size

48KB
MD5

0366beab5c894eb9e9054f0347b64a93
SHA1

909b5a5baf30c80341b5922792724f65a5906b12
SHA256

d00f269eea60b1c8c19ba263d6f97c7ba07b6d8859732b30e0108cd3cd39d538
SHA512

62f6c9e5e3def06d3c25fdaa8fa90c82181f607f9820a58200a0545c3f01710fb0e980ff3c390e7bcc51072b34730834081d248416cfc09926e6bdb05004aeac
SSDEEP

1536:o3X3N3C3OBEz/G1hxM+9SNTmJQmFhTGU5P2CJU:kn5qnz/GMNTm2mFsi2yU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0366beab5c894eb9e9054f0347b64a93_JaffaCakes118

Files

0366beab5c894eb9e9054f0347b64a93_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0d83ee5b7440815fda92a0dea0e1fb3e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
CreateMutexA
GetTickCount
CloseHandle
GetVersion
WriteFile
GetTempPathA
GetCommandLineA
GetSystemTime
lstrcpyA
CreateProcessA
lstrcatA
GetLastError
GetProcAddress
ExitProcess
VirtualAlloc
CreateFileA
GetTempFileNameA
lstrcmpA
GetLocalTime
lstrlenA
LoadLibraryA
OpenMutexA
lstrcpynA
FindAtomA
GetModuleFileNameA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
VirtualQuery
GetVersionExA
RtlUnwind
IsDebuggerPresent

user32

wsprintfA
SetDlgItemTextA
DialogBoxParamA
LoadIconA
SetWindowTextA
GetFocus
IsWindowVisible
EqualRect
SetClassLongA
ClientToScreen
EndDialog
GetDesktopWindow
GetCursorPos
GetWindowRect
GetCaretPos
InflateRect

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 288B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ