06fce2e84d0f3268f251f8108595dcca_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

06fce2e84d0f3268f251f8108595dcca_JaffaCakes118
Size

328KB
MD5

06fce2e84d0f3268f251f8108595dcca
SHA1

e85a8056dde5ea9e558840f7ad6a9cfc5d9d85c6
SHA256

d28b475f5430e5324a8831238af5a1d52f4bf89b3c7b5fb964f2da947e403e5c
SHA512

4447a43bf109443286b1e18bea3626749bd6e87b5dfb7d80e350efdf34f8790335e7dc97c0316f738568e79e4fa1dea225a37cc898f9bde75d9288a004708bba
SSDEEP

6144:5xVpBMDHXxy+CdFr/GJS0hGaMUXjyIU4Ozwp05M8:j7OD3wDjTGJZcatjQXzksM8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06fce2e84d0f3268f251f8108595dcca_JaffaCakes118

Files

06fce2e84d0f3268f251f8108595dcca_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7fb3feb4752eee0378d575f5a43a2aae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetSystemDefaultLangID
lstrlenA
HeapReAlloc
CompareFileTime
WaitForSingleObject
HeapCreate
GetConsoleCP
SuspendThread
GetTickCount
InterlockedExchange
SetConsoleCP
GetStdHandle
GlobalUnlock
GetVersion
VirtualProtect
GetCommandLineA
WaitForMultipleObjects
SearchPathA
GetAtomNameA
CloseHandle

user32

SetScrollInfo
CopyImage
GetCursorInfo
MessageBoxA
DialogBoxParamA
DispatchMessageA
GetDlgItem
DrawCaption
CreateIcon
CreateMenu
FindWindowA
GetKeyState
GetKeyboardLayout
DestroyMenu
EnableScrollBar
SetPropA
IsDialogMessage
InsertMenuA
DispatchMessageA
InvertRect
SetWindowPos
CreateCursor
DragObject

advapi32

RegEnumValueA
RegCreateKeyExA
RegEnumKeyA
RegQueryInfoKeyA
RegCloseKey

uxtheme

GetThemeColor

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 500KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ