1692ac27b450c2675405587c177fadfd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1692ac27b450c2675405587c177fadfd_JaffaCakes118
Size

277KB
MD5

1692ac27b450c2675405587c177fadfd
SHA1

d078719847d450550f67eace45b4ccfb5e01b191
SHA256

ae3d19f37dffaaee6bf86cde6210f4111966c36c2fedc5817019794d8f434f6e
SHA512

81caca8344804d38216864eb8e85bdc9b09791e30503dc63780ae739caf1c0d174ae3f169e0730a813c5f9203e2f5368235fea13b8b9be6a16e6f48021c617a3
SSDEEP

6144:1qJhwM473yv4kfZudgkHuCEKQYIQ1ycf:4hOiv3RgTQYQcf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1692ac27b450c2675405587c177fadfd_JaffaCakes118

Files

1692ac27b450c2675405587c177fadfd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

656e6cfcb514b12834ff6633ca72f86b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateEventA
CreateFileA
CreateProcessA
CreateThread
EnterCriticalSection
ExitThread
FreeLibrary
GetLocalTime
GetProfileStringA
GetTickCount
GlobalAlloc
InitializeCriticalSection
InterlockedExchange
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
SetEvent
SetFilePointer
Sleep
WaitForSingleObject
WriteConsoleA
lstrcmpiA
lstrlenA

user32

DestroyWindow
GetDlgCtrlID
GetScrollInfo
GetShellWindow
GetWindowLongW
MessageBoxA
PostThreadMessageW
SetRect
SubtractRect

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 914B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 262KB - Virtual size: 265KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ