1893e2228c1e5335a5f504dba847f31c_JaffaCakes118 | Triage

Sharing

General

Target

1893e2228c1e5335a5f504dba847f31c_JaffaCakes118
Size

85KB
MD5

1893e2228c1e5335a5f504dba847f31c
SHA1

27d44794a0edddd7c586b6e226485ab1d402ddfd
SHA256

2ec8b679c993541d6249b04b558f9f032091b2716ecd37b8f12746004b4aff8f
SHA512

1ef06b3ee311f7e27ec36007830a0d72f679e82c696060b15ba3d29d0500e33c24b295081b8ad8fc47a25528aebacbe18b624daa74b5c56b0d9ce1d29292bfc0
SSDEEP

1536:9huSjsrlYszNYFgLgHZFhD3fKS3e5zoTRxoRzH65+EObBsU7:G7BYkYF/TB3CS3YMTvox6+j57

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1893e2228c1e5335a5f504dba847f31c_JaffaCakes118

Files

1893e2228c1e5335a5f504dba847f31c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2d871b73a662ce241321611b075b6552

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

StretchBlt
SetStretchBltMode
SetDIBits
SelectClipRgn
BitBlt
GetBkMode

msvcrt

exit

ntdll

RtlInitUnicodeString

shlwapi

PathGetArgsA
StrCmpIW

kernel32

SystemTimeToFileTime
WinExec
ExitProcess
CreateFileMappingA
GetTimeZoneInformation
MoveFileA
GlobalAlloc
RegisterWaitForSingleObject
GlobalFree
WaitForSingleObjectEx

user32

ExitWindowsEx
IsCharAlphaW
GetShellWindow
GetMenuStringW
DrawTextW
PtInRect
SetDlgItemTextA
GetAsyncKeyState
SendInput
SetDlgItemTextW
DestroyIcon
CharUpperA
CharLowerBuffW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 512B - Virtual size: 156B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 155KB - Virtual size: 315KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ