Static task
static1
Behavioral task
behavioral1
Sample
157bdb98737a672acc085b8cc36e859e_JaffaCakes118.exe
Resource
win7-20240508-en
General
Target: 157bdb98737a672acc085b8cc36e859e_JaffaCakes118
Size: 9KB
MD5: 157bdb98737a672acc085b8cc36e859e
SHA1: 786f88ad697a4561a4899214adc955bba174cbc2
SHA256: ee5fec23ecfd1fe6ffea82eb794d227cf454e1975b441ef021716dafdc12e645
SHA512: 42e5a894833d0269c32ab3cbc199a899c186b9f7492408239113dd70a65476e92855a84e815a9b5bb6466df9dd498f2e6f3f34f0a00d4c0c80286ae7e031a5da
SSDEEP: 192:TlR2ZPgyH68Yq47RN/oyQ5jLngQcceOGGJts7wAu:xEoq+jQ5jrgQeOGyts8R
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 157bdb98737a672acc085b8cc36e859e_JaffaCakes118
Files
157bdb98737a672acc085b8cc36e859e_JaffaCakes118.exe windows:4 windows x86 arch:x86
f36186af1a45d932a05c34a2b08b5ce0
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreatePipe
ExitProcess
GetCommConfig
GetCompressedFileSizeW
GetTempPathA
GetWindowsDirectoryA
GlobalFree
SetCriticalSectionSpinCount
SetLocalTime
advapi32
CreateProcessAsUserA
EnumServicesStatusW
GetSecurityDescriptorControl
LookupAccountSidW
MakeAbsoluteSD
RegFlushKey
SetFileSecurityA
user32
AnimateWindow
DefWindowProcW
DlgDirListComboBoxA
GetPropA
GetScrollRange
GetWindowDC
GetWindowThreadProcessId
ModifyMenuA
ModifyMenuW
SendMessageA
SetDeskWallpaper
VkKeyScanW
wsprintfW
gdi32
BeginPath
CopyMetaFileW
CreateDIBPatternBrush
CreateDiscardableBitmap
DeleteObject
EnumFontsW
ExtFloodFill
GetCharABCWidthsA
GetCharABCWidthsW
GetCharWidth32W
GetNearestColor
GetTextCharacterExtra
PatBlt
ResizePalette
SetWinMetaFileBits
Sections
.text Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 6KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE