193dc0db32e1e6d59ef5f4f04b8cff7c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

193dc0db32e1e6d59ef5f4f04b8cff7c_JaffaCakes118
Size

348KB
MD5

193dc0db32e1e6d59ef5f4f04b8cff7c
SHA1

17967e2652272d26d75f9f1fc4eb4567849d9148
SHA256

495cdddae49b9d6fd2989b19e545f4fe25bd92d72c9865b0a1d1eef8eeb53b40
SHA512

0835da30592ca785bfccae76dc4766152f934937c3c5d015a722980307eafb62df4f004945eb919f58fe5c682cf07614c946b259447425a8dd34b5b48d469779
SSDEEP

6144:WfwvMBC4P8jQdosvZpmNMQs8tdK6oCG41pLSq64kFxhp2:tvMBZemrXQsYQnb+LfGhc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
193dc0db32e1e6d59ef5f4f04b8cff7c_JaffaCakes118

Files

193dc0db32e1e6d59ef5f4f04b8cff7c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ed1500bd69f5bb4ff0ea36c7a1f56d09

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
CreateMutexA
GetProcessHeap
FindResourceW
GetExitCodeProcess
TlsGetValue
CreateFileA
GetCurrentThreadId
ReleaseMutex
GlobalUnlock
GetModuleHandleA
lstrlenW
CloseHandle
HeapCreate
DeleteAtom
LoadLibraryExA
SetLastError
GlobalFree
GetEnvironmentVariableA
TlsAlloc

user32

CreateWindowExA
GetDC
DispatchMessageA
SetFocus
GetDlgItem
CreateMenu
DrawEdge
FillRect
CallWindowProcA
IsWindow
DrawMenuBar
GetCaretPos
CheckRadioButton

rsaenh

CPHashData
CPDeriveKey
CPGenKey
CPSignHash
CPDecrypt

msasn1

ASN1BERDecEoid

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 271KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ