03c32673f716bab9d7b9bf757a34eaa4_JaffaCakes118 | Triage

Sharing

General

Target

03c32673f716bab9d7b9bf757a34eaa4_JaffaCakes118
Size

299KB
MD5

03c32673f716bab9d7b9bf757a34eaa4
SHA1

b8bbce559d6b706cd01959a4d97083030b87ffbf
SHA256

0a28cd89cea721e128e333890a70c8c74a1e613251f5b32224a8389ac71000cd
SHA512

96627157badb9421cbb88982a3957429d78fc0e0227ebebe4cd5d81237da2a76024f3ed7595cab85b7d9c5937447408cab6e62699b1ad67101bd5540ba866ba7
SSDEEP

6144:EZrGPMHiW+4rQ/wH1S0xCIg7tixi5xGBRpPQaYGcRPb4R:sSXWy+HQIg55aoaYfP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03c32673f716bab9d7b9bf757a34eaa4_JaffaCakes118

Files

03c32673f716bab9d7b9bf757a34eaa4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b8039977100d1d78a4c9c7aa2c1c3c37

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GetTickCount
GetComputerNameA
HeapCreate
GetCurrentDirectoryA
LocalFree
PulseEvent
CreateThread
CloseHandle
SetEvent
SetLastError
UnmapViewOfFile
GetConsoleTitleA
GetSystemTime
CreateFileA
GetModuleHandleA
LoadLibraryW
GetCommandLineW
lstrlenA
LocalUnlock

user32

CallWindowProcA
SetFocus
GetDlgItem
DrawEdge
DispatchMessageA
FillRect
DrawMenuBar
IsWindow
CheckRadioButton
CreateWindowExA
GetKeyState
GetDC
GetScrollBarInfo

clbcatq

SetupOpen
DowngradeAPL
CheckMemoryGates
UpdateFromAppChange
SetSetupOpen

desk.cpl

InstallScreenSaver

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 628KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ