07ffe7adfe2c7756b3b7cb0b9275bc0b_JaffaCakes118 | Triage

Sharing

General

Target

07ffe7adfe2c7756b3b7cb0b9275bc0b_JaffaCakes118
Size

636KB
MD5

07ffe7adfe2c7756b3b7cb0b9275bc0b
SHA1

7281d2afc26b2c8dd654e8dfc4c28d61a3239359
SHA256

9190a9533d9812fd9d9fa7e7cf2480b21872e98034d5d651117d422e6a5dc7d2
SHA512

ce40237fc0bccdd0482bc5ae4258cf916eebacb2a397b01accc369228fa30aa08875ade6b1de82cecad760a5fffb01bccdd4a02581c34259de9fad37b7f08326
SSDEEP

12288:NqwQBI2ox0auZK248B7xIGJ3bGNacM+oz8JGuS4wLSlFd:NqwAh60aiIM7x5xbMLom44wmF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07ffe7adfe2c7756b3b7cb0b9275bc0b_JaffaCakes118

Files

07ffe7adfe2c7756b3b7cb0b9275bc0b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

13796222b56394b1924185650d16fdfd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapReAlloc
GetModuleHandleA
InterlockedExchange
GetVersion
lstrlenA
WaitForMultipleObjects
WaitForSingleObject
GlobalUnlock
GetAtomNameA
CloseHandle
SearchPathA
SetConsoleCP
VirtualProtect
GetStdHandle
GetCommandLineA
CompareFileTime
GetConsoleCP
SuspendThread
GetTickCount
GetSystemDefaultLangID
HeapCreate

user32

GetDlgItem
CreateCursor
IsDialogMessage
InsertMenuA
CopyImage
EnableScrollBar
DispatchMessageA
GetKeyboardLayout
GetKeyState
InvertRect
FindWindowA
DispatchMessageA
DrawCaption
SetPropA
MessageBoxA
DragObject
SetScrollInfo
CreateMenu
GetCursorInfo
SetWindowPos
CreateIcon
DialogBoxParamA
DestroyMenu

advapi32

RegCreateKeyExA
RegQueryInfoKeyA
RegCloseKey
RegEnumValueA
RegEnumKeyA

uxtheme

GetThemeColor

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 600KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ