254c3481a70fdceeb944670bd4e76447_JaffaCakes118 | Triage

Sharing

General

Target

254c3481a70fdceeb944670bd4e76447_JaffaCakes118
Size

170KB
MD5

254c3481a70fdceeb944670bd4e76447
SHA1

54700ef02d21c4b4aa2c71bef1ba9ff3270cfa6a
SHA256

456f2d833c4d7073ffe8cfa0eba1b4164d4a6229bb24a733c5e4885802247628
SHA512

0b324bfac46af7077696fe226ab007fd85fd9f033ef5e64070691136682601afd441c03bcecbadacc23b353e35e3d9f084ecffa44ef13cbfa38a2df2930864ef
SSDEEP

3072:YJteSOlkOgXZ2SbmezHOBWm04zJH0ezncBoB9TTnwhNK02GfM:+enkZ29EZmVjLcBYTnyKI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
254c3481a70fdceeb944670bd4e76447_JaffaCakes118

Files

254c3481a70fdceeb944670bd4e76447_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b448b65f3105419af9409aaeae449877

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

clusapi

CloseCluster

user32

DestroyWindow
UnregisterClassA
GetWindowRect
OffsetRect
GetActiveWindow
EndPaint
LoadAcceleratorsA
SetWindowLongA
SetWindowRgn
BeginPaint
DefWindowProcA
MoveWindow
PtInRect
ReleaseDC
SetDlgItemTextA
IntersectRect
CharNextA
GetDC
GetDlgItem
SetFocus
EqualRect
GetKeyState
SetParent

kernel32

DisableThreadLibraryCalls
GetLongPathNameW
InitializeCriticalSection
InterlockedDecrement
GetVersion
InterlockedIncrement
SetThreadContext
GetProcAddress
EnumResourceNamesA
GetWindowsDirectoryA
LoadLibraryA
GetModuleFileNameA
ExitProcess
MultiByteToWideChar
DeleteCriticalSection
lstrcpynA
GetFileAttributesA
GetLocaleInfoA

Sections

.text
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ