072d5fe87b190d82194d7072a544df45_JaffaCakes118 | Triage

Sharing

General

Target

072d5fe87b190d82194d7072a544df45_JaffaCakes118
Size

636KB
MD5

072d5fe87b190d82194d7072a544df45
SHA1

cb1af1aa2afeaa1f9fe9fadb31a8ebb93dda3706
SHA256

4ba63027f2838483fb0a9af355a43d1e8c3a8db6e842dcb740588447fbbf182a
SHA512

d59a34363fdc01d6241481c18f9b56eaf6343b429f3d82595a52ce7cdd61a11bf011e10245cc3bd49e448dfe204ac612001eebb3606f126b7ac134e7c4c27326
SSDEEP

12288:oh9mB+K/g9xb9B5YqIizD9NT/BbgyyEFf5/knBUetEmh8i8yxwvSK4tFa96s:c9mB+D7bj5rIitNbBTfayOtwvb4tFFs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
072d5fe87b190d82194d7072a544df45_JaffaCakes118

Files

072d5fe87b190d82194d7072a544df45_JaffaCakes118
.exe windows:4 windows x86 arch:x86

56eae9244e24df988d5020f5b2b1741f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
VirtualProtect
GetProcessHeap
WaitForSingleObject
HeapDestroy
HeapCreate
HeapQueryInformation
GetTapeStatus
InterlockedExchange
IsDebuggerPresent
GetProcessVersion
GetEnvironmentStringsA
LoadLibraryExA
CreateIoCompletionPort
GlobalMemoryStatus
GetStdHandle
GetModuleHandleA
GetTimeFormatA
GetCurrentThread
GetCurrentProcessId
GetLogicalDrives

user32

GetCursorPos
FillRect
GetParent
EndPaint
DragDetect
wsprintfA
BeginPaint
DrawTextA
ReleaseDC
SetActiveWindow
GetDlgItem
GetTitleBarInfo
GetWindow
ShowWindow
GetFocus
SetForegroundWindow
FrameRect
GetWindowTextLengthA
GetClassNameA

advapi32

RegCloseKey
RegEnumKeyA
RegSetValueExA
RegCreateKeyA
RegFlushKey

setupapi

SetupCloseLog

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ