0e5ace9918cde762f3f2c3050a5fd0bd_JaffaCakes118 | Triage

Sharing

General

Target

0e5ace9918cde762f3f2c3050a5fd0bd_JaffaCakes118
Size

68KB
MD5

0e5ace9918cde762f3f2c3050a5fd0bd
SHA1

48c2a947fa63db2fc2c2a23bde5736fb0b8d2df8
SHA256

98e3c00df51fe1717c728ed851914a476ae6d0df771700a59f690e8588194421
SHA512

9ddca76fbd611da81a41b78b1eab71e08c574e9465084b224759605ee0f0f566a9c1ecb7e26445650a70213d5b775ec6f68344032d3463aa38476865f7b67f61
SSDEEP

768:6VrQGo5IfrJlKgEHwqH0yRfUNt4c6pduC7Ji0pdwBicJx:yQGxvKNwqpQApJ7JipBBn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e5ace9918cde762f3f2c3050a5fd0bd_JaffaCakes118

Files

0e5ace9918cde762f3f2c3050a5fd0bd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6ce0d2e3343c9fb05e460de2d25a3aee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeResource
MulDiv
MultiByteToWideChar
WaitForMultipleObjects
FindNextChangeNotification
GetLogicalDrives
GetProcAddress
InterlockedIncrement
QueryDosDeviceW
SetFilePointer
GetPrivateProfileStringW
GetTickCount
LoadLibraryW
SetEndOfFile
LoadLibraryA
FindNextFileW
CreateThread
GetLastError
CreateEventW
GlobalUnlock
GetModuleHandleW
CreateWaitableTimerW
GetCurrentProcessId
GetDriveTypeW
ResetEvent
LoadResource
DuplicateHandle
GlobalAlloc
FindFirstFileW

user32

GetKeyState
RegisterClassExW
EndDialog
FillRect
ReleaseCapture
TrackPopupMenu
GetSysColor
GetParent
wsprintfW
LoadStringW
VkKeyScanW
LoadBitmapW
MessageBoxW
GetWindowRect
SetDlgItemTextW
SetWindowPos
CreateWindowExW
SystemParametersInfoW

gdi32

CreateRoundRectRgn
SetMapMode
LineTo
MoveToEx
SetDIBits

advapi32

LookupPrivilegeValueW
StartServiceW
RegOpenKeyExW
RegNotifyChangeKeyValue
RegCloseKey

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1004B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE