16305caa0517112685627578f2a24e54_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

16305caa0517112685627578f2a24e54_JaffaCakes118
Size

176KB
MD5

16305caa0517112685627578f2a24e54
SHA1

7d5c847ea189732b9a674bd4d7dff14ad2857901
SHA256

d74c4215b787c52184ba75ab1e17bdc6c5107b28a851b2891bddbfdc7a1db486
SHA512

dc560704da8189357bdbdacfa038aad7a16934b7410ce69b59f47151a9833197d8225bcc71759ed3b4d83c5b0508b7dbb562621cb31b9276c070129c1e494717
SSDEEP

3072:GHZEJV6VCkqQaA1JHrW89TVOf7f10mSAJpyLwhOcXA0k4CaTauNHHt/hc:EK6VCkv38SmzhQ0k4AuhHtu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16305caa0517112685627578f2a24e54_JaffaCakes118

Files

16305caa0517112685627578f2a24e54_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6c7e4667bc775fbdbbcbc5bccda91f08

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

GetParent
MessageBoxW
LoadCursorW
GetWindowInfo
CreateWindowExW
GetDC
RegisterClassExW
EndDialog

kernel32

lstrcpynW
GetStartupInfoA
CheckRemoteDebuggerPresent
TlsGetValue
EnumResourceTypesW
InitializeCriticalSection
TlsAlloc
HeapCreate
TlsFree
GetFileType

oleacc

LresultFromObject

Sections

.text
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 604B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.apexi
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ