22f4bd8105873c486bab711d5c152726_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

22f4bd8105873c486bab711d5c152726_JaffaCakes118
Size

35KB
MD5

22f4bd8105873c486bab711d5c152726
SHA1

1cb35ae5037541a8575d7f33de5ef2e34f12b60c
SHA256

2e2eaf60b60569d16fbcc0838bccc6a4699c17e90cca15edae7b05d9fad3db13
SHA512

40bb6caac3af4a97b62d8e59aebb4ccd449f6391348f6f22fc2c20018c3d969d13b394e89be6160be3ddd2642156e67ac4cb5e22b2dc3b5b3e05be6aadcd3b04
SSDEEP

768:9sjXCvL2yw1wuKODEM+UNl46x8jCPshx+N7/IXq5A8YXnDBL3r:9sjX4W7QMxNl5xbN7/s+A88n13r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
22f4bd8105873c486bab711d5c152726_JaffaCakes118

Files

22f4bd8105873c486bab711d5c152726_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dbaa3b10fc5fe9778d25e9653aee17a5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion
GetStdHandle
WaitForMultipleObjects
GetTickCount
WaitForSingleObject
GetModuleHandleA
HeapReAlloc
GetAtomNameA
CloseHandle
SetConsoleCP
lstrlenA
SuspendThread
CompareFileTime
GetConsoleCP
LoadLibraryExA
InterlockedExchange
GlobalUnlock
VirtualProtect
GetSystemDefaultLangID
HeapCreate
GetCommandLineA

user32

CreateMenu
DrawCaption
FindWindowA
DestroyMenu
GetKeyboardLayout
DispatchMessageA
DialogBoxParamA
InsertMenuA
GetKeyState
DragObject
IsDialogMessage
SetWindowPos
EnableScrollBar
GetDlgItem
FillRect
CopyImage
SetScrollInfo
GetCursorInfo
InvertRect
CreateIcon
SetPropA

advapi32

RegEnumValueA
RegCreateKeyExA
RegEnumKeyA
RegCloseKey
RegQueryInfoKeyA

apphelp

ApphelpCheckExe

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 792KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ