4121f77d23915f172aebb6a57cef3783_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4121f77d23915f172aebb6a57cef3783_JaffaCakes118
Size

636KB
MD5

4121f77d23915f172aebb6a57cef3783
SHA1

5ce1d3f31308ef4cdc64656c4c54a31c53b93ccf
SHA256

352e7bcd8f42a7d557ea904a82c128fd73110588d1fdc4db2370b3e3022d6772
SHA512

e06ba89de59262c629b3bc03afe65afccc269482cf6c6c52a96e66eda877e8708777e5bcec9ec3a30ff9e4ba7ddcbacac524cd8d33890002dee3e2391fecd0b8
SSDEEP

12288:dkxkB3WHQjD4JIVhFpDT0o63+wiaAslHUX5DeBEhpe6VGb5+cSABkz6:dRUwD4JSFpJ6OwiaXHUqEhQDbETABk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4121f77d23915f172aebb6a57cef3783_JaffaCakes118

Files

4121f77d23915f172aebb6a57cef3783_JaffaCakes118
.exe windows:4 windows x86 arch:x86

26bf553b385af55f65d1383d31499081

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExA
InterlockedExchange
CloseHandle
WaitForSingleObject
WaitForMultipleObjects
VirtualProtect
CompareFileTime
GetModuleHandleA
HeapReAlloc
SetConsoleCP
GetVersion
GetTickCount
lstrlenA
GetAtomNameA
GetConsoleCP
GetStdHandle
SuspendThread
GlobalUnlock
GetSystemDefaultLangID
GetCommandLineA
HeapCreate

user32

IsDialogMessage
CreateMenu
SetPropA
CreateIcon
GetCursorInfo
DialogBoxParamA
DispatchMessageA
GetKeyboardLayout
GetDlgItem
SetWindowPos
DragObject
CopyImage
DrawCaption
EnableScrollBar
GetKeyState
FillRect
FindWindowA
InsertMenuA
InvertRect
SetScrollInfo
DestroyMenu

advapi32

RegEnumValueA
RegCloseKey
RegQueryInfoKeyA
RegEnumKeyA
RegCreateKeyExA

uxtheme

GetThemeColor

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ