1ae437115bd58100b431aa3e5013f7d0_JaffaCakes118 | Triage

Sharing

General

Target

1ae437115bd58100b431aa3e5013f7d0_JaffaCakes118
Size

25KB
MD5

1ae437115bd58100b431aa3e5013f7d0
SHA1

e21909fd992447377b3d9f579a1a53980c24abc2
SHA256

8cd62ade99dc2ba125a73e1a8375e548e821382e1bd33446828054ec32ca0f35
SHA512

1f49315a7a29014fc7ce35b30db3623a26874b1f10158ea95bcea0c357f8260868659862dad13492ad64967a8db57ac1a61342d71965c274a8f5205554b5aae1
SSDEEP

384:zLLIs7ZrWomQZRzWv4r5LF3quEQ7Xev1dH9OEtsiy+2pL:zvIkZaobJWglLFauE0uNFUEtsS2pL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1ae437115bd58100b431aa3e5013f7d0_JaffaCakes118

Files

1ae437115bd58100b431aa3e5013f7d0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8757ec0bd334ecb0aafadce10a06d03a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetLastError
LoadLibraryExW
lstrlenA
FreeConsole
GetConsoleTitleA
IsDebuggerPresent
VirtualProtectEx
CloseHandle
CreateMutexA
GetSystemTime
LocalFree
ResetEvent
GlobalLock
Heap32First
IsBadReadPtr
EnumResourceTypesW
SetLastError
GetStdHandle
CancelIo

user32

EndDialog
CopyImage
GetMessageA
GetDlgItemTextA
GetKeyState
GetDlgItemInt
DialogBoxParamA
CloseWindow
GetParent
EnumWindows
CreateWindowExA
GetMessageA
IsIconic
MessageBoxA

setupapi

MyFree
SetupCloseLog
IsUserAdmin
MyMalloc
MyRealloc

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ