28f759ef394380504d0a9ab750a4590b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

28f759ef394380504d0a9ab750a4590b_JaffaCakes118
Size

171KB
MD5

28f759ef394380504d0a9ab750a4590b
SHA1

abfa5599b468bebc6138f8340cf95da2efbd6ce8
SHA256

93117650c5732b53c4a2e723b3544b6c6eee2c76e2fa1fece1616cf87ccc1950
SHA512

cde50566109bba5455be28e06cb1882f793b50ee2965033fb076757b1405889537ef0593399936b2660d001dadc2be6d2e2eb04c796f12db9769c22ccd90e845
SSDEEP

3072:MWaKFHCegKahzPgl6oUsM/2cfFoukTjZZYJyYig9safEx/7Q3p3wdVAVA:MWaQdgKanZ/xFou+Q3TsyExkp3KVOA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28f759ef394380504d0a9ab750a4590b_JaffaCakes118

Files

28f759ef394380504d0a9ab750a4590b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a131764f1e94e960aa7425a4a7cecd1d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
GetStdHandle
GetVersion
lstrlenA
WaitForSingleObject
GetSystemDefaultLangID
GetAtomNameA
GetConsoleCP
GetTickCount
InterlockedExchange
VirtualProtect
LoadLibraryExA
CloseHandle
HeapReAlloc
SuspendThread
GetModuleHandleA
WaitForMultipleObjects
GetCommandLineA
GlobalUnlock
SetConsoleCP
HeapCreate

user32

DrawCaption
IsDialogMessage
CreateMenu
SetWindowPos
DispatchMessageA
DestroyMenu
InsertMenuA
EnableScrollBar
InvertRect
SetScrollInfo
GetCursorInfo
FillRect
GetDlgItem
CopyImage
CreateIcon
FindWindowA
SetPropA
GetKeyState
DragObject
GetKeyboardLayout
DialogBoxParamA

advapi32

RegCreateKeyExA
RegEnumKeyA
RegQueryInfoKeyA
RegCloseKey
RegEnumValueA

apphelp

ApphelpCheckExe

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 788KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ