13f2177bdc37295e5e2096e3a1b3e74f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

13f2177bdc37295e5e2096e3a1b3e74f_JaffaCakes118
Size

183KB
MD5

13f2177bdc37295e5e2096e3a1b3e74f
SHA1

498ec37e8d3c43f4a15574bafb16263aafa11e18
SHA256

3c5b32d497ff919c853f7a214370986887302ca2f877c1c33899b7ac9e134726
SHA512

2cee6fe685bb3aac53de84c1833a73edb940877b6f2ef7e33d3556287b0c58dc99b8b562491115ec150a349d6f2f09155e32bae44869bb293cf99c1299e59c32
SSDEEP

3072:0u7utoqOCOTk+fcp4WeGLcaN7WAHg9aMpxZsqF3HDI4Zu1CoUE:0u7a2CURcCGlN7WAYZsqJMou1d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
13f2177bdc37295e5e2096e3a1b3e74f_JaffaCakes118

Files

13f2177bdc37295e5e2096e3a1b3e74f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e212b76ec1d61073e3dc135330a41fff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
OpenMutexA
FindClose
ReleaseMutex
GetVersionExW
FindAtomA
GetTickCount
CloseHandle
VirtualProtect
lstrlenA
SearchPathA
Sleep
DeleteCriticalSection
FindResourceExA
CreateMutexA
SetEvent
GetLastError
CreateThread
PulseEvent
TlsGetValue

user32

EndDialog
CreateMenu
GetUpdateRect
GetScrollBarInfo
CloseWindow
IsIconic
GetKeyState
CopyImage
DispatchMessageA
EnableWindow
DragDetect
CreateWindowExA
DialogBoxParamA
GetMessageA

loghours

DialinHoursDialogEx
DirSyncScheduleDialog
DirSyncScheduleDialogEx
DialinHoursDialog
LogonScheduleDialog

advapi32

RegCloseKey

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ