Static task: static1

Behavioral task: behavioral1
Sample: 16f04b0662cb4ce64f229807f92d898a_JaffaCakes118.exe
Resource: win7-20231129-en

Behavioral task: behavioral2
Sample: 16f04b0662cb4ce64f229807f92d898a_JaffaCakes118.exe
Resource: win10v2004-20240611-en
General
Target: 16f04b0662cb4ce64f229807f92d898a_JaffaCakes118
Size: 173KB
MD5: 16f04b0662cb4ce64f229807f92d898a
SHA1: b2ab45ccf9d50ee96bee79ef1b3cc42727afc584
SHA256: c26c923204f2007041c3c4230c197e9975b19365820d3ec134b284f9b59d5779
SHA512: 20a3c81f65fd54295048c7d342b94a125878d6d0ae4a3d712348888643e2a081ea13e13a5d117e2b01d6bd9ac3a165d1ae53cd62c8d7f2d44461cea48c545fcd
SSDEEP: 3072:BvA07MarmdOLq35essMyprfMywF0VeV2/QnB1mFGDn5xwqgAmkCClzvsg/grnxyQ:tMaaUC6My0F0VysoBgFwsc5vn8nxJ
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 16f04b0662cb4ce64f229807f92d898a_JaffaCakes118
Files
16f04b0662cb4ce64f229807f92d898a_JaffaCakes118.exe windows:4 windows x86 arch:x86
baebe5e8c5f94797b4bfe5de75e3a4c6
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
CharNextA
GetKeyState
GetClassLongA
CharLowerA
kernel32
GetThreadPriority
LoadLibraryA
TransmitCommChar
InterlockedDecrement
EnumResourceNamesW
ExitProcess
LoadLibraryW
GetProcAddress
FreeLibrary
InterlockedIncrement
msimg32
AlphaBlend
TransparentBlt
advapi32
RegCloseKey
RegCreateKeyExA
RegQueryValueExA
Sections
.text Size: 144KB - Virtual size: 144KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 664B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 26KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.crt Size: 512B - Virtual size: 212KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ