29541d356b69415f1d88a4a9f4727961_JaffaCakes118 | Triage

Sharing

General

Target

29541d356b69415f1d88a4a9f4727961_JaffaCakes118
Size

70KB
MD5

29541d356b69415f1d88a4a9f4727961
SHA1

363d20510b252c84ba22eb0bdb2baeecc3d9937c
SHA256

165591efe2d38cf10fafe48cb27d68d538f800842765963657601971496d9756
SHA512

8984b4f2d15b7f6552c6ea3adc0123348a5308084bf41210e0eeb3e0285747cd584cd6ede8e6f5c74f2be179e7428d14220de193b6644d9c0ada7591b2638323
SSDEEP

1536:IzaomDXhChojsX6boQfQPrqGLu6uW/26oI:IzDokt6bf4PrqGRV/J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29541d356b69415f1d88a4a9f4727961_JaffaCakes118

Files

29541d356b69415f1d88a4a9f4727961_JaffaCakes118
.exe windows:3 windows x86 arch:x86

7e2bf82ec18814f40f607f8a8d6ae676

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetAtomNameA
lstrcat
GetStartupInfoW
FileTimeToSystemTime
CreateMutexW
lstrcpynA
CreateEventW
GetVersion
GetDiskFreeSpaceW
lstrcatA
OpenEventA
SetEvent
SetCurrentDirectoryW
FlushFileBuffers
GetACP
WinExec
ExitThread
lstrcmpi
CreateSemaphoreA
CreateDirectoryW
FindAtomA
GetVolumeInformationA
GetDiskFreeSpaceA
GetStartupInfoA
GetShortPathNameA

user32

GetClassLongA
DestroyMenu
SendDlgItemMessageW
SetCapture
SetDlgItemTextA
CharNextW
GetMenuStringW
GetWindowLongW
GetKeyboardType
SendDlgItemMessageA
GetCursorPos
MessageBeep

gdi32

TextOutA
CreateBrushIndirect
CreateBitmapIndirect
CreateFontW
MoveToEx
GetStockObject

advapi32

RegOpenKeyW

comdlg32

PageSetupDlgA

shell32

StrCmpNIW
StrStrIW
SHGetDataFromIDListW

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ