1651090f0b0d56669a6a36b74ce2da0d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1651090f0b0d56669a6a36b74ce2da0d_JaffaCakes118
Size

976KB
MD5

1651090f0b0d56669a6a36b74ce2da0d
SHA1

a0c033130a0405cab4225fa993729b0d81c37081
SHA256

30693c56a530adf059bb86fe05ca75b26bac3f5973080016bacab9f8af0e924a
SHA512

9482aec498822f93ccbb9498881746598b4abbbc8c1326a9fe8dd30e9ec31c9766cd066f89cd5818cc74f0fd742b7d8771505c5802640ea39f59621dd8123b94
SSDEEP

24576:zsW7APWBYjuwbiWvDUNsGEdbHh7izPo1kTZDSokf:Z8PqYjtbDYe7UXDe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1651090f0b0d56669a6a36b74ce2da0d_JaffaCakes118

Files

1651090f0b0d56669a6a36b74ce2da0d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ca1c7853b29bed02bab5cfa77f707413

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy
DeleteCriticalSection
TlsSetValue
lstrlenW
Sleep

user32

GetKeyboardType
WindowFromPoint

advapi32

RegQueryValueExA
RegSetValueExA

oleaut32

SysFreeString
SafeArrayPtrOfIndex
GetErrorInfo

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

CreateStreamOnHGlobal

comctl32

ImageList_SetIconSize

imm32

ImmSetCompositionWindow

Sections

.text
Size: 472KB - Virtual size: 484KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 644KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bhgt
Size: 484KB - Virtual size: 484KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cdyg
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE