35e39b061b57e228ab6a5b9d34bf5130_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

35e39b061b57e228ab6a5b9d34bf5130_JaffaCakes118
Size

17KB
MD5

35e39b061b57e228ab6a5b9d34bf5130
SHA1

418a2a36d69a6ab02787da3090b0897c58cd03ac
SHA256

492737f0969fd4b84b608780b992ad11c00f969d43401c8b07e721432e890bbc
SHA512

cb41833f4be6971f3875a4f8b52f180aed8bd1d02b35d3aef3af9935facc5d83cf81b02b4bd188161de281e1e759153360ed64af93c2e57d64ffea6368ffe190
SSDEEP

384:u2U7tjFl4cXtue27R27G0MsIMnoazi/eMuR49fc70ghIyMscF:FaFmctu/R27G0jIMnoazi/el4fcYgoF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
35e39b061b57e228ab6a5b9d34bf5130_JaffaCakes118

Files

35e39b061b57e228ab6a5b9d34bf5130_JaffaCakes118
.exe windows:5 windows x86 arch:x86

dde41a4d75e3ba41c7004288afc68528

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrToIntA

kernel32

IsDebuggerPresent
GetCurrentProcess
GetCommandLineA
GlobalAlloc
GlobalLock
GlobalFree
GetLastError
GlobalUnlock
ExitProcess
LocalFree
FormatMessageA
ReadFile
CreateFileA
VirtualAlloc
GetModuleHandleA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess

user32

IsWindow
SendMessageA
ShowWindow
IsWindowEnabled
KillTimer
PeekMessageA
GetActiveWindow
SetTimer
DispatchMessageA
UnregisterClassA
IsWindowVisible
PostQuitMessage
SetWindowTextA
MessageBoxA
wsprintfA
EndDialog
CreateWindowExA
GetDesktopWindow
SetFocus
PostMessageA

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ