09afe69e5d3ce6f0917aa056f09fcf9a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

09afe69e5d3ce6f0917aa056f09fcf9a_JaffaCakes118
Size

169KB
MD5

09afe69e5d3ce6f0917aa056f09fcf9a
SHA1

1e7216f1f48ed3e8d003543b4fd7d8e6e1a53462
SHA256

16cac02dffaba15866a84f734d2463e71c619014ae76f07dba25072c008fc8f3
SHA512

55cba9eed05051ed34a780bd9c82985899aee7347f4408f72fc68efdd67ceec1b728a026483e11bf8e7ecb343391d550c2c86964ffbaad7128b309df737c9b4a
SSDEEP

3072:YZFGMtFD0pncbtlpfNKBFsx0XzVWXqK2qPI+5xbfk3IJxeTf/FCao0H:YZF1t5kKPKBFsx0XsXq+K+YT3Fro0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
09afe69e5d3ce6f0917aa056f09fcf9a_JaffaCakes118

Files

09afe69e5d3ce6f0917aa056f09fcf9a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5162173ff64a4efd97f5ea9a1151bfb3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RegisterClassExW
GetDoubleClickTime
GetAsyncKeyState
GetCaretBlinkTime
BeginPaint
EndPaint
SetWindowTextA

gdi32

GetBrushOrgEx
GetArcDirection
GetStockObject
GetTextColor

comctl32

ord17

kernel32

HeapFree
SetFileAttributesA
GetStartupInfoA
GetEnvironmentVariableA
GetTickCount
GetLastError
InitializeCriticalSection
GetProcessVersion
GetCurrentDirectoryA
SetEndOfFile
GetThreadLocale
GetDateFormatA
IsProcessorFeaturePresent
HeapAlloc
HeapCreate
HeapDestroy
FreeLibrary
GetEnvironmentStrings
DeleteCriticalSection
LeaveCriticalSection
GetProcAddress
LoadLibraryA
EnterCriticalSection

Sections

.text
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ