235a461fabb2ac66aa763fede5f41894_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

235a461fabb2ac66aa763fede5f41894_JaffaCakes118
Size

202KB
MD5

235a461fabb2ac66aa763fede5f41894
SHA1

16aeed1e6c0d3202fd48898b72db4d82c7f277ad
SHA256

c5b67ff27a137fd5808805a45e9263579417ea98ef6d978dfdee0304789a5543
SHA512

1221846f83b82e42996cfcbfc369f0aa5c139364d5f85cc1d4b3420ebb5f2bad508492d6ef27140ece370ab539f0b78817af45c3d71bb59f546b6a4475249cec
SSDEEP

6144:+OeMmtjFWgjkdAael41jVpISgrst57YMWR+lTSLELU5e:qp/HmRmhm57YMKFoL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
235a461fabb2ac66aa763fede5f41894_JaffaCakes118

Files

235a461fabb2ac66aa763fede5f41894_JaffaCakes118
.exe windows:5 windows x86 arch:x86

585480a567eefef59026b0e2b89c4705

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetActiveWindow
EndDialog
SetPropA
EnumDesktopsA
IsCharAlphaNumericW
SetWindowTextA
DialogBoxParamA
SetWindowPos
OemKeyScan

ole32

CoFreeLibrary
CoUnmarshalHresult
OleFlushClipboard

kernel32

GetCurrentProcessId
CopyFileW
CreateProcessW
GetStartupInfoA
SetFileAttributesA
DeleteAtom
HeapFree
AddAtomW
LocalAlloc
InitializeSListHead
LocalFree
GetProcAddress
LoadLibraryExW
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
InterlockedExchangeAdd
HeapCreate

Sections

.text
Size: 181KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ