3776719511cb07e0238451808005ecfc_JaffaCakes118 | Triage

Sharing

General

Target

3776719511cb07e0238451808005ecfc_JaffaCakes118
Size

69KB
MD5

3776719511cb07e0238451808005ecfc
SHA1

989a870131e9c2b71284ed98fe72428ebc0035c1
SHA256

29a2ab23a9478b1feb37b715559b4b5f87b517ede4444020b4c4bfc1ffc9a31f
SHA512

0cb839ce2f04606858c656f79dfed39324cb97a02d23af2cd4f3f30061aa92bc5152337fd62c9a5b4cd79f9a434c81c84bca2b2b9dc9c1c8fb122ec196096614
SSDEEP

1536:cRFlrZLSuydR6UPqHe5d+vQmcNO8EdYYq26oI:cXlrTyOHOQQOpOJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3776719511cb07e0238451808005ecfc_JaffaCakes118

Files

3776719511cb07e0238451808005ecfc_JaffaCakes118
.exe windows:0 windows x86 arch:x86

8be1abec39ad583bd9ae1d397f31665d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExpandEnvironmentStringsA
CreateSemaphoreW
SetCurrentDirectoryA
FatalAppExitA
CreateNamedPipeA
LoadLibraryA
CreateFiber
GetACP
WaitForSingleObject
lstrcmpiA
AddAtomW
AddAtomA
FreeLibrary
CompareStringA
GetModuleFileNameW
CreateNamedPipeW
CloseHandle
lstrcatA
WinExec
SetEvent
GetCurrentProcessId
GetEnvironmentVariableA
CreateEventA

user32

SetCapture
RegisterWindowMessageA
WinHelpA
GetWindowLongA
GetWindowDC
GetWindowTextW
MessageBoxIndirectW
GetClassInfoW

gdi32

CreatePen
Ellipse
CreateCompatibleDC
CreateBrushIndirect

advapi32

RegOpenKeyExW
RegQueryInfoKeyW

comdlg32

GetSaveFileNameW
GetFileTitleW
PrintDlgExA
ReplaceTextA

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ