302771cb1201ac0dc92e74e144370438_JaffaCakes118 | Triage

Sharing

General

Target

302771cb1201ac0dc92e74e144370438_JaffaCakes118
Size

97KB
MD5

302771cb1201ac0dc92e74e144370438
SHA1

11447bda96f0908b7dce19b76cd8450dd1790aec
SHA256

968ab06ff86326c6dd4b3f9f58cae7179561eb3401875fa3a9a32333af77682b
SHA512

9813b17f00bc41167b7bbe660723906224d47637df0f5035fc23af077f5b2bbdf79efbc5b4d9eab230a792bc763a554f812f05e548989a94a2152abb5253bc9b
SSDEEP

1536:r6fkpQnyFol7B7xpHD/crBHUO6mMVV4IEtQXndFMaIFiOFDrC1Zj6rbPfuqCjuCk:rA4+yS3kl0OJMVSIEq39Am2bnOup8DSz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
302771cb1201ac0dc92e74e144370438_JaffaCakes118

Files

302771cb1201ac0dc92e74e144370438_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8bace7dee7e8f03fd9c637b03c3cc08a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

clusapi

CloseCluster

shlwapi

PathAddBackslashW

user32

GetSystemMetrics
LoadImageA
LoadIconA
LoadStringW
UnregisterClassA
CharNextA
DestroyWindow
MessageBoxW
CharNextW

kernel32

TerminateProcess
GetStartupInfoA
LocalAlloc
SetLastError
SizeofResource
GetVersionExA
GetTickCount
WideCharToMultiByte
lstrlenW
RaiseException
SetFilePointer
GetLastError
GetEnvironmentVariableA
FindResourceA
LeaveCriticalSection
GetModuleHandleA
QueryPerformanceCounter
FindResourceExA
EnumResourceNamesW
LoadResource
EnterCriticalSection
GetCurrentProcessId
InterlockedCompareExchange
InterlockedExchange
GetCurrentThreadId
ExitProcess
MultiByteToWideChar
GetSystemTimeAsFileTime
lstrlenA
LockResource
lstrcmpiA
GetModuleFileNameA
Sleep
CreateProcessA
GetCurrentProcess

Sections

.text
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rscr
Size: 512B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ