303cc963f35aa899921ae10f705b5557_JaffaCakes118 | Triage

Sharing

General

Target

303cc963f35aa899921ae10f705b5557_JaffaCakes118
Size

56KB
MD5

303cc963f35aa899921ae10f705b5557
SHA1

3a15c3e631f3b206d23d0d79fc5fa08e27f00ed3
SHA256

35552ec91930abd1093c02c3de9eb9774c55159fb1fa701a40207bae56c8cb5f
SHA512

bf7d8c3c90d16cd3b9be9ebbc25041b4a529aae5cfa05bc53467244960675a83800a9f6e058d1b7eef260e3759e4444ffd1db03ae778fd816dc3403694eb6eba
SSDEEP

1536:2W1uBPtkyN1x4iDZkpY8ibNvU2bfIkdKtvkRc:6qk4ite/2Vd/y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
303cc963f35aa899921ae10f705b5557_JaffaCakes118

Files

303cc963f35aa899921ae10f705b5557_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3e68893b077efd403fb7cb02c4bf0743

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileW
GlobalAlloc
GetCurrentProcessId
LoadLibraryA
QueryDosDeviceW
SizeofResource
DuplicateHandle
FreeResource
SuspendThread
GetCurrentThread
MoveFileW
SetCurrentDirectoryW
WritePrivateProfileStringW
SetEndOfFile
SetWaitableTimer
VirtualAlloc
GlobalFree
lstrlenW
GetCurrentProcess
InterlockedDecrement
SetLastError
MulDiv
GetDriveTypeW
SetThreadPriority
GetLogicalDrives
GetFileAttributesW
GetProcAddress
TerminateThread

user32

GetKeyState
PostQuitMessage
RedrawWindow
EnableWindow
DrawTextW
CreatePopupMenu
OffsetRect
EndDialog
SetForegroundWindow
GetMessageW
GetWindowRect
DefWindowProcW
SetCursorPos
RegisterWindowMessageW
SendDlgItemMessageW
SystemParametersInfoW
GetParent
CreateWindowExW
UpdateWindow

gdi32

BitBlt
GetClipBox
CreateDCW
CreateBitmap
GetDeviceCaps
GetStockObject
CreateSolidBrush

advapi32

RegSetValueExW
GetUserNameW
LookupPrivilegeValueW

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE