Static task
static1
Behavioral task
behavioral1
Sample
03dc68e6f8045e41ebaf86e10d3f8427_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
03dc68e6f8045e41ebaf86e10d3f8427_JaffaCakes118.exe
Resource
win10v2004-20240611-en
General
Target
03dc68e6f8045e41ebaf86e10d3f8427_JaffaCakes118
Size
57KB
MD5
03dc68e6f8045e41ebaf86e10d3f8427
SHA1
103ab56353bcf92b1ae0e2de9ed3e2c4596d5d6d
SHA256
db4d3842d31760c045778f81b1088fb033e5dfbfddd9bb71680810709b202f41
SHA512
ff74f2d209e23d201e9f0e72da25dadf5c6ecc93a5161dbbba862c0b4563ab440d275492a1688d8bc8fc3641c30d9d8d498dcef9186bed74295d374321fe0862
SSDEEP
1536:umu/0BX47wAgX+PClkb3rHTnVf7O17qecn+aynuk7qluv:umux7wAqgClkb7HTVf6lrclqq4
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 03dc68e6f8045e41ebaf86e10d3f8427_JaffaCakes118
Files
03dc68e6f8045e41ebaf86e10d3f8427_JaffaCakes118.exe windows:5 windows x86 arch:x86
6c859fbeb49c214c574ff47d170cb467
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetLocalTime
lstrlenA
lstrcpyA
GetVersion
GetTempPathA
CloseHandle
WriteFile
CreateFileA
GetTickCount
GetSystemTime
lstrcatA
lstrcpynA
GetModuleFileNameA
GetProcAddress
GetLastError
GetModuleHandleA
FindAtomA
LoadLibraryA
GetTempFileNameA
CreateMutexA
OpenMutexA
ExitProcess
lstrcmpA
GetCommandLineA
RtlUnwind
VirtualQuery
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
user32
GetCursorPos
EqualRect
ClientToScreen
wsprintfA
InflateRect
GetWindowRect
GetCaretPos
GetFocus
IsWindowVisible
shlwapi
SHGetValueA
Sections
.text Size: 13KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 39KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE