18fdf2cbc2d207204920e1e2faf44159_JaffaCakes118 | Triage

Sharing

General

Target

18fdf2cbc2d207204920e1e2faf44159_JaffaCakes118
Size

413KB
MD5

18fdf2cbc2d207204920e1e2faf44159
SHA1

b0bfbf4daba0d41fd95808383740c2247f73a9a9
SHA256

ae0af4ebad2593271bb4671b9b038c6288967a9ebb5aff57e293225ada803dd5
SHA512

ca2e68c23d57de150fdc2a7e84e8effe52851c94c17a7063241d079d6f9041cd99249a8e22c358d2f3a8bdc9e7d32978bdb537e5fc28b54d93007c0df4cd4abc
SSDEEP

6144:zGoNREtUzhIBhwrtKQeMixD10lqk3A+8sJSy91qBrXVXHMOXXNdgtCxdJS0:3W6bcOZ3AuwiqBrFpXXg0W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
18fdf2cbc2d207204920e1e2faf44159_JaffaCakes118

Files

18fdf2cbc2d207204920e1e2faf44159_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f52f255faa2c7650031b66feea4c84fe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalHandle
CreateJobSet
ExitProcess
GetProfileIntA
GetTapeStatus
GetStdHandle
GlobalFree
VirtualAlloc
EnumDateFormatsA
GetProfileStringA
GetOEMCP
GetUserDefaultLangID
GetModuleHandleA
CloseHandle
GetProcessHeap
FindAtomA
CreateMailslotA
GlobalLock
GetVolumePathNameA
GlobalFlags
EnterCriticalSection

user32

GetDC
GetClassNameA
GetClassInfoExA
EndPaint
RegisterClassA
IsIconic
GetForegroundWindow
GetWindow
GetActiveWindow
GetWindowTextLengthA
GetFocus
ShowWindow
GetWindowTextA
GetParent
CloseWindow
ValidateRect
DrawEdge
BeginPaint
ReleaseDC

gdi32

CreateDIBitmap
GetCharWidthA
GetColorSpace
ExtCreatePen
CreateDCA

sxs

SxsLookupClrGuid

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ