16b2174833e103ccd70b2723926ed838_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

16b2174833e103ccd70b2723926ed838_JaffaCakes118
Size

544KB
MD5

16b2174833e103ccd70b2723926ed838
SHA1

948a97cea14d8cfa03519594c46f582d2eea0881
SHA256

2456b8bf5d79b43fc756c299a4b9c13e42bb84188f8eff8996b8e7d954eeeb98
SHA512

ffa07f608997cf9767b9a311cbba6017b0dfdb400bc7cb86b8edfa3f8e4c3110c8c0953cb154276efb61d8b061714f127c21791b4707cf62a84243ad68844842
SSDEEP

12288:l8i3VhDKalHjS/SLFkQpo0PlWYmv3tLtD3V:93zDK5qL5o0PkxvdL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16b2174833e103ccd70b2723926ed838_JaffaCakes118

Files

16b2174833e103ccd70b2723926ed838_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c974c22430d94373bdcb0b3e478e4be3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumSystemLocalesA
GetEnvironmentVariableA
EnumResourceLanguagesA
FreeConsole
GetProcessId
GetStringTypeExA
CreateFileA
WritePrivateProfileStringA
GetFileAttributesA
LZCopy
HeapReAlloc
GetConsoleInputExeNameA
GetOEMCP
GetLocalTime
HeapAlloc
VirtualAllocEx
GetConsoleOutputCP
OutputDebugStringA
SetComputerNameExW
UpdateResourceA
WriteProfileSectionA
SetEndOfFile

advapi32

RegCloseKey
DuplicateToken

user32

SetWindowLongA
GetWindowContextHelpId
GetLastInputInfo
SetProcessWindowStation
FlashWindowEx
ScreenToClient
SetSystemCursor
SetWindowWord
CreateCaret
DialogBoxIndirectParamA
GetWindowTextA
GetUserObjectInformationA
SetSystemMenu
IsDlgButtonChecked
SetSysColors
GetLayeredWindowAttributes
MessageBoxA
CopyRect

Exports

Exports

Xhnfauevc
Otnchnhm
Jjfpwtmtofq
Phdglqt
InitNbaebgfdi
CreateRjmwlju

Sections

.text
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.itext
Size: 508KB - Virtual size: 844KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ