166578c0fec432c2739c2a2f1b48bff4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

166578c0fec432c2739c2a2f1b48bff4_JaffaCakes118
Size

28KB
MD5

166578c0fec432c2739c2a2f1b48bff4
SHA1

0ae46492ab37cb355a1a3af9efae02e4f9fe4ef7
SHA256

e4a4e8b8c66fe787dfc29f334e8a53b34247a4ae0a35e906116d1a1905e81332
SHA512

a1ad08ada90a99d2f465e1654f977f647a5c0a2dfc3357bd4afc5711347cb99a28895a56fd8c7122fd35561aa1f0c1a1a97add21e976860dcd683762cf61f6b6
SSDEEP

768:AkulJTgjB2DTRT/iYx9STAMVG1t4drWWqAH8QH4YG0aDYXFP0eIUeY3pv:FuPgVuRT/i0MVetZWqAH9HBG0XdDIWZv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
166578c0fec432c2739c2a2f1b48bff4_JaffaCakes118

Files

166578c0fec432c2739c2a2f1b48bff4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

59b04cc957232105475280e8216a1112

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExW
LocalFree
TlsGetValue
FindResourceA
ReleaseMutex
CreateMutexA
lstrlenW
CreateFileA
GetCurrentThreadId
TerminateThread
SetEnvironmentVariableA
PulseEvent
HeapCreate
Sleep
SetLastError
CloseHandle
GetConsoleMode
GlobalUnlock
GetStdHandle
GetModuleHandleA

user32

GetClipCursor
FillRect
CheckRadioButton
GetDlgItem
GetIconInfo
CopyRect
DrawMenuBar
CallWindowProcA
IsWindow
GetDC
DrawEdge
SetFocus
DispatchMessageA

apphelp

SdbFindNextTag
SdbFindFirstTag
SdbCloseDatabase
ApphelpCheckIME
SdbGetDatabaseID

clbcatq

ComPlusMigrate

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ