0533c7537a2bf7bba9e5c8464bf1a86d_JaffaCakes118 | Triage

Sharing

General

Target

0533c7537a2bf7bba9e5c8464bf1a86d_JaffaCakes118
Size

184KB
MD5

0533c7537a2bf7bba9e5c8464bf1a86d
SHA1

ba6411de6a338fab53f8517cf69f412c5a566029
SHA256

b40998b6365a829ddbddffc38af90e4dc6911f66d235750c5e9a9ef52588d174
SHA512

ae87e0a060687e642d095b55bdd0161be8a224954a81fb3dadd27e440ce37ebf5b52c9788c07962d103afcedabd0f16182ba89063252ed4834b8b2e889822998
SSDEEP

3072:eiVFphmYXy1Fv5r+6AQ0fMaNXVYuL5RoUZzudfGNWnAYYhJo1CS8H71kVrKmQRNq:pVF61FCZvZM8kAL7o14H5moT4j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0533c7537a2bf7bba9e5c8464bf1a86d_JaffaCakes118

Files

0533c7537a2bf7bba9e5c8464bf1a86d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

36600aed4c9750b3bff04844eac152a3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumResourceNamesW
FreeLibraryAndExitThread
GetCurrentProcess
PrepareTape
GetConsoleCommandHistoryA
CreateHardLinkW
NlsGetCacheUpdateCount
HeapUnlock
GlobalHandle
GetProcessVersion
MoveFileWithProgressW

user32

IsDialogMessageA
Win32PoolAllocationStats
PostMessageW
DispatchMessageW
DrawMenuBar
DestroyAcceleratorTable
EndDialog
DdeQueryStringW
GetClientRect
CharLowerA
GetComboBoxInfo
WINNLSGetEnableStatus
SetCaretBlinkTime
EnumDisplayDevicesA
OemKeyScan
MessageBeep
LoadAcceleratorsW

gdi32

PATHOBJ_vEnumStartClipLines
bInitSystemAndFontsDirectoriesW
GdiSetPixelFormat
GetTextExtentPointA
GdiCreateLocalMetaFilePict
GdiPlayPageEMF
ExtFloodFill
SetPixelV

Sections

CODE
Size: 9KB - Virtual size: 809KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 170KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pack32
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ