16c11b562408332113b87c5b6f4cb54e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

16c11b562408332113b87c5b6f4cb54e_JaffaCakes118
Size

157KB
MD5

16c11b562408332113b87c5b6f4cb54e
SHA1

4045ffad5ddd636edc87bbf2469bb9a8a7384739
SHA256

6c6b66c298f750801f3e5d71c22119d45b10770651d38eeefd6bf74810e4301b
SHA512

f4d49fea869a33ea6eb877de19bb4ea5b4d6b6d85ea179057470eeb06c4cb6f9bc25ce68352a985f744dfd3b46698f29378792525a97259121820c0048496609
SSDEEP

3072:D11Ug09vT0aY3kg2Cf9Libm7CbdalGk7DfH5THm6irbP7ryygUKO+eHju:M9vT0nVtum7odalrDRTNsXrytpO/Du

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16c11b562408332113b87c5b6f4cb54e_JaffaCakes118

Files

16c11b562408332113b87c5b6f4cb54e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b3cce90803126b9cc878ecb4c9e7ecd9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetThreadPriority
WriteConsoleOutputA
WritePrivateProfileStringA
GetProcessTimes
TerminateJobObject
RemoveDirectoryA
OpenWaitableTimerW
GetDriveTypeA
GetLastError
IsBadStringPtrA
GetProcessHandleCount
TerminateProcess
PulseEvent
VirtualAllocEx
OpenMutexA

user32

ChangeMenuA
SetMenuItemBitmaps
GetUpdateRgn
GetFocus
SetProcessWindowStation
InvalidateRect
DrawTextExW
GetMonitorInfoA
GetMenuItemInfoA
EnumThreadWindows
DisableProcessWindowsGhosting
SetProgmanWindow
ModifyMenuA
SwitchDesktop
SetWindowLongA
BroadcastSystemMessageExA
SwitchDesktop
ToAsciiEx
RegisterShellHookWindow
GetScrollRange
IsWinEventHookInstalled
EqualRect

Sections

.text
Size: 82KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ