17a0196955d401f90119725ccb6cbff3_JaffaCakes118 | Triage

Sharing

General

Target

17a0196955d401f90119725ccb6cbff3_JaffaCakes118
Size

341KB
MD5

17a0196955d401f90119725ccb6cbff3
SHA1

bdaed3ad668bc429c01f0a0602ab0cd8b87ccde9
SHA256

963d4258650205ec209cca423d17c75cd06158abd959c525a857bfc7eae6dcf1
SHA512

5935346a228577855cfe4b84432419c5cfcc6261ccfd2a9378e274d3e581a5437e0635150d1d60ec3052c35647dac88b3668f2b5d3de11d989fbd848b296ecf7
SSDEEP

6144:jwxV3s78wK4jT0CGkt7OSMC3zkDD6RMtJVJoYFVJSE+PDFpRVbc55mpaDJSd:jk878TOTMa753wDCMtiYFH/+ppR4caDw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17a0196955d401f90119725ccb6cbff3_JaffaCakes118

Files

17a0196955d401f90119725ccb6cbff3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

56e386f6877698b5b3e2c92f6d06b6df

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadReadPtr
FreeEnvironmentStringsA
GetModuleHandleA
LoadLibraryExA
LocalUnlock
CloseHandle
GetPrivateProfileIntA
GetStdHandle
GlobalLock
IsDebuggerPresent
lstrlenW
FindClose
CreateEventA
CreateFileMappingA
HeapCreate
GetConsoleCP
GetACP
CreateFileA
LocalFree
GetLastError

user32

DispatchMessageA
SetFocus
GetIconInfo
GetDlgItem
GetDC
CheckMenuItem
GetListBoxInfo
EndDialog
RedrawWindow
GetMessageA
IsWindow
GetDlgItemTextA
DialogBoxParamA
DrawIconEx

uxtheme

EnableTheming
DrawThemeIcon
GetThemeMetric
GetThemeColor
CloseThemeData

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ