255bc13cb6cec0cdd65e5ebd53821388_JaffaCakes118 | Triage

Sharing

General

Target

255bc13cb6cec0cdd65e5ebd53821388_JaffaCakes118
Size

24KB
MD5

255bc13cb6cec0cdd65e5ebd53821388
SHA1

d2f199bc0a26ccff0656b84a20373cdf6c64be98
SHA256

c630f1a2d869f8d23d369b6f148ff08375dc6657639fb7abc10271b36c2f13cd
SHA512

392dcf4b0c08e98870f3224321e478488971705ab02d2180801b6f6c8b7892027e9b63653144b1024097b23f3f091d8707298e41cfb67ff851e7bf321f69c613
SSDEEP

192:sZZJgP5vTIcr+2xqOl+hk9Jm9e6Dl3B6fuWxvv6QpjjNajxr:swlIIqe+2i9e6DlEf9NJa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
255bc13cb6cec0cdd65e5ebd53821388_JaffaCakes118

Files

255bc13cb6cec0cdd65e5ebd53821388_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7d27b71bac8d322537070dea33814164

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetHandleContext
GetThreadTimes
GetModuleHandleA
GetConsoleCP
CancelWaitableTimer
CreatePipe
AddAtomA
GetThreadLocale
CreateMutexA
IsDBCSLeadByte
GetUserDefaultLangID
TlsFree
TlsGetValue
GetOEMCP
ReleaseMutex
GetThreadPriority
VirtualAlloc
SetEvent
CompareStringA
GetLargestConsoleWindowSize
GetExitCodeThread

user32

GetActiveWindow
GetWindowTextA
RegisterClassA
ReleaseDC
GetDC
IsWindowVisible
GetWindowTextLengthA
IsIconic
GetClassNameA
GetWindow
ShowWindow
GetFocus
InvalidateRect
GetClassInfoExA
CloseWindow
GetForegroundWindow
ValidateRect
GetSystemMetrics
ReleaseDC

dsound

DllCanUnloadNow
DirectSoundCreate
DirectSoundEnumerateA
GetDeviceID
DllGetClassObject

mscms

CheckColors

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 522B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ