Static task
static1
Behavioral task
behavioral1
Sample
152f400a9c3a3c345fa98739b5689bc7_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
152f400a9c3a3c345fa98739b5689bc7_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
-
Target
152f400a9c3a3c345fa98739b5689bc7_JaffaCakes118
-
Size
172KB
-
MD5
152f400a9c3a3c345fa98739b5689bc7
-
SHA1
1bf8356095f469f370da45fb6adba968a917db1b
-
SHA256
7245e837f4b16641572f0fc08f31e38d8f3dfbdd0b8c31838bd43860c3025486
-
SHA512
f72a4093846fb9f45cb9a904e70c5bc17c5ead787e908972033abb7af3c31035fc0f465073cf1d0fb58a6d2753d9fc7b9af65e19ca6255e3a9e37fb3ef4c945e
-
SSDEEP
3072:R9BMlLI9acXMLkVqqYDFtHiMDtT9CqRf8wSt9t0Fv8jlPlTLC92j91:3SNI9H8LaqjCO/dfEju8j1pC+H
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Static check by the sandbox: the PE file listed below carries no Authenticode signature.
resource 152f400a9c3a3c345fa98739b5689bc7_JaffaCakes118
Files
-
152f400a9c3a3c345fa98739b5689bc7_JaffaCakes118.exe windows:4 windows x86 arch:x86
957585246394844ad73a640bb2b58a17
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetACP
GetModuleFileNameA
LoadLibraryA
VirtualAlloc
lstrcatA
lstrcpynA
lstrcpyA
FreeConsole
GetModuleHandleA
GetCommandLineA
GetLastError
SetLastError
GetCPInfo
ExitProcess
OutputDebugStringA
CloseHandle
Sleep
user32
MessageBoxA
CreateMenu
KillTimer
GetQueueStatus
GetParent
gdi32
DeleteObject
CreateCompatibleDC
comdlg32
ChooseFontA
ole32
CoInitialize
Sections
.text Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 820B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 156KB - Virtual size: 153KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ