362f63e8b07cda4da97566687c20fb92_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

362f63e8b07cda4da97566687c20fb92_JaffaCakes118
Size

60KB
MD5

362f63e8b07cda4da97566687c20fb92
SHA1

9ad20d4b393b31002bc4e80827616f54da27fee1
SHA256

f27ed82c20abdfbc5e1aadaf145f30de2045e07ca6ec33bbd769061c557d68a4
SHA512

195e35a0619ad1857d9f2df4702792b7c4073e0b77060b4793d21280ac01fc24a1803867aed6a06179c89ba84b6ca02a2b3e705d37f91099c694e5f475d53e70
SSDEEP

768:HHqEDgz68QJIOChSMoyJz6d2+nWpp8rxV/11wP2jSU9wcRoFlFi6+jLK4tB:HHvJ8QJzChSMoyJE2YWLSXSYoFiXeeB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
362f63e8b07cda4da97566687c20fb92_JaffaCakes118

Files

362f63e8b07cda4da97566687c20fb92_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fd1f54d7eeee1c6aaa22710a1219140d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyW
GetCurrentThreadId
GlobalFree
GetCurrentProcessId
GetCurrentThread
VirtualAlloc
FindClose
GetLocalTime
CreateWaitableTimerW
LoadLibraryA
GetUserDefaultLangID
Sleep
SetEvent
GlobalAlloc
MulDiv
GetModuleFileNameW
ReadProcessMemory
CreateEventW
FindResourceExW
GetProcAddress
FindNextChangeNotification

user32

wsprintfW
SetWindowPos
PostThreadMessageW
DispatchMessageW
SetCapture
RedrawWindow
GetWindowRect
GetDlgItem
IsWindow
LoadCursorW
InvalidateRect
LoadImageW
GetParent
LoadIconW
UpdateWindow
GetKeyState
SetWindowTextW
SystemParametersInfoW
DestroyIcon
DrawTextW
DefWindowProcW
SetDlgItemTextW
SendDlgItemMessageW
RegisterClassExW
SetLayeredWindowAttributes

gdi32

BitBlt
SetDIBits
CreateBitmap
DeleteObject
GetObjectW
CreatePen
CreateICW
CreateRoundRectRgn
CreateDCW
CreateFontIndirectW
SelectObject

advapi32

RegCloseKey
SetSecurityDescriptorDacl
GetUserNameW

Sections

.text
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE