246e01f94cb67250585912e21e978137_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

246e01f94cb67250585912e21e978137_JaffaCakes118
Size

299KB
MD5

246e01f94cb67250585912e21e978137
SHA1

c32a2303bfa926f5c2fa70b560c5a17e8aee4ad6
SHA256

1fb0b7b5dacffb6e371444aadbf7702338952fdeec6797ecf7c1bdad713ee30a
SHA512

fe11e05580dcd158960bbd8edf95cd6c1252e2a4d1e35c0ad22a2cb38f94fd480d14b8e9e81e1ae3630e30da6b0e888b93d9eecf1f479e6fd3321c9ffca5bede
SSDEEP

6144:wH9RYPqSiunDo1fuoop8uggOMBu50lmFb/9/pEP0M1JyMHuUQ:49wiL1qggS5qmV9EFJyg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
246e01f94cb67250585912e21e978137_JaffaCakes118

Files

246e01f94cb67250585912e21e978137_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9db767f2fc34bbbb79141016f7a01664

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
SetLastError
UnmapViewOfFile
Sleep
GetCommandLineW
LoadLibraryW
GetSystemTime
CreateFileA
SetEvent
lstrlenA
LocalFree
HeapCreate
GetTickCount
GetModuleHandleA
GetComputerNameA
CreateThread
LocalUnlock
GetCurrentDirectoryA
PulseEvent
CreateThread

user32

FillRect
IsWindow
DrawEdge
DrawMenuBar
GetDlgItem
CreateWindowExA
DispatchMessageA
SetFocus
GetScrollBarInfo
CallWindowProcA
GetKeyState
CheckRadioButton
GetDC

clbcatq

CheckMemoryGates
SetSetupSave
UpdateFromAppChange
SetupOpen
DowngradeAPL

desk.cpl

InstallScreenSaver

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 628KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ