247f1eb3aacfd74490b3f959d18aad12_JaffaCakes118 | Triage

Sharing

General

Target

247f1eb3aacfd74490b3f959d18aad12_JaffaCakes118
Size

57KB
MD5

247f1eb3aacfd74490b3f959d18aad12
SHA1

9e7df71ad2896ed9623e73052fba3e7dffeeaffa
SHA256

fd35616b0750a1d51cfb01aacd7bc67574d8fbcd0d6a295199d244ff825a5c60
SHA512

c31d6afc274321cbc6b05c3d34010ab278b0e16902be05aa012e5bb09e8cb8ef137614f0d1fbb0a49421048137a1e736c0d91a7d34f6fd485cdfba99ed63a365
SSDEEP

1536:QLU7mzmRNbSmCpGcZLCguutoZFpcmOlOPMWkf0CqI+/02bPn:GGFRNWmpcERuO2rOPZknqIA0g/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
247f1eb3aacfd74490b3f959d18aad12_JaffaCakes118

Files

247f1eb3aacfd74490b3f959d18aad12_JaffaCakes118
.exe windows:1 windows x86 arch:x86

a03a5c6a32d1533800a8e974c63d9ee3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
CreateFileMappingA
GetVersionExW
WaitForSingleObject
VirtualFree
VirtualAlloc
GetCPInfo
OutputDebugStringA
GetDiskFreeSpaceA
TlsAlloc
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
GetFileSize
HeapSize
CreateThread
lstrcpyA
MapViewOfFile
GetVersion
HeapAlloc
WriteFile
LoadLibraryA
GetProcAddress
ExitProcess

user32

GetWindowLongW
SetFocus
RegisterWindowMessageA
GetClassNameW
GetWindowLongA
KillTimer
GetMessagePos
MessageBoxA
GetDlgItem

version

VerQueryValueW

msvcrt

_adjust_fdiv

advapi32

RegCreateKeyExW
RegCloseKey

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ