23d08e87d46b815df359f3360337f724_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

23d08e87d46b815df359f3360337f724_JaffaCakes118
Size

286KB
MD5

23d08e87d46b815df359f3360337f724
SHA1

c6cf735937aae73bbfd3d6cc3ec2b361aa9e078e
SHA256

2efdb2ce6217c45fbb033fdd0d54ddc55435d084eaa0ef07c71be83a97ce31a3
SHA512

4ee3873fe6237f58a76e0f2079ef305859cea27ccf2147e4125a90f90ad8161e0394d3495d0c6dd89a2b415dbc05208b5b31d9bc91f28eb463f90028ccfd50d3
SSDEEP

6144:UNjvvJ428Ep1x9ORabeNbwsLTg6NS5zqgpsO2OT81ZuysvJC:UR3J4/Ep1nzwLTg2SH2OkZuDo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
23d08e87d46b815df359f3360337f724_JaffaCakes118

Files

23d08e87d46b815df359f3360337f724_JaffaCakes118
.exe windows:4 windows x86 arch:x86

56a933c6bfef248626e765c78eba5374

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
GetAtomNameA
GlobalUnlock
lstrlenA
LoadLibraryA
CloseHandle
GetTickCount
TlsGetValue
GetProfileIntA
HeapReAlloc
GetACP
HeapWalk
TlsFree
InterlockedExchange
GetStdHandle
CompareFileTime
FindAtomA
GetVersion
GetConsoleCP
WaitForSingleObject
GetModuleHandleA

user32

InflateRect
EqualRect
GetScrollRange
DispatchMessageA
SetWindowPos
SubtractRect
MessageBoxA
PaintDesktop
LoadIconA
PostMessageA
PostQuitMessage
GetWindowTextA
TranslateMessage
GetDlgItem
InsertMenuA
CreateCaret
GetMenuStringA
GetMenu
GetKeyboardLayout
EnableScrollBar
UpdateWindow
DestroyMenu
ShowWindow
SetPropA
ModifyMenuA
CopyRect
DialogBoxParamA

msi

MsiDoActionA
MsiCloseHandle
MsiEnumProductsA
MsiGetMode
MsiEnumClientsA

clbcatq

CoRegCleanup

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 640KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ