410e31934a13421a16aac05ad93c87f6_JaffaCakes118 | Triage

Sharing

General

Target

410e31934a13421a16aac05ad93c87f6_JaffaCakes118
Size

7KB
MD5

410e31934a13421a16aac05ad93c87f6
SHA1

67a7805a0ca178db52d0b32d9ac7b24486b39967
SHA256

fc278daa11d877add4cae8504be3e03f3d2f41d88b8a1bf75a4d7d9b648ba38b
SHA512

4fed566f0df43b1cbd66982c384a176d2498ddbb17f1096caf31f5d06991a8067956780b97e283066d06e625801b1b976b97e2e1a6183feb85661831ce40e7a4
SSDEEP

48:iLKelsOro0mc3lyFSxbHNh0aKDrT4rD7dnnjb/XDhyY4JafQousk3CPLNPwb5Oqz:J8pmc1yFSxDNh2mtn/kaVkSPL+b9z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
410e31934a13421a16aac05ad93c87f6_JaffaCakes118

Files

410e31934a13421a16aac05ad93c87f6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d39139551935aa493612024fb6c58238

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOEMCP
GetUserDefaultLangID
GetProcessVersion
GetProcessTimes
AllocConsole
GetConsoleInputExeNameW
FindCloseChangeNotification
CancelIo
TlsGetValue
lstrcatA
VirtualAlloc
GetModuleHandleA
GetThreadLocale
GetModuleFileNameA
IsDBCSLeadByte
GetStdHandle
ResetEvent
lstrcpyA
FreeConsole
AreFileApisANSI
TlsFree

user32

ReleaseDC
IsWindowVisible
GetWindow
CloseWindow
InvalidateRect
IsIconic
GetWindowLongA
GetFocus
GetActiveWindow
RegisterClassA
ValidateRect
GetDC
GetWindowTextLengthA
ReleaseDC
GetForegroundWindow
GetWindowTextA
GetClassInfoExA
ShowWindow
GetSystemMetrics

usp10

ScriptGetCMap
ScriptCPtoX
ScriptFreeCache
ScriptBreak
ScriptItemize

ntmarta

EventGuidToName

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE