42553e28bbe45169ffedc8f9f692c629_JaffaCakes118 | Triage

Sharing

General

Target

42553e28bbe45169ffedc8f9f692c629_JaffaCakes118
Size

338KB
MD5

42553e28bbe45169ffedc8f9f692c629
SHA1

931aeb0745a646813a43b2499224df3579465ec8
SHA256

45cb54985938d6717b6dc85b595ba810fae375472cfde9d1e8534529d7c2c14f
SHA512

205a8f3be7ea1d45a36a0e100a3ff060e0c740412e3423622a828d867dda4ff75d3b0dede3d3aa87a550c9617318bff74e679f994de829879672c7a16437ed00
SSDEEP

6144:QLLAAAiiQ79E0dJmSVTKQ9+F0ttshNIT3n1pV4aSrxb8UKxPVlByUD:gLAAAip5vnJVKQMF0tGHIT3n1p6a4hKN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42553e28bbe45169ffedc8f9f692c629_JaffaCakes118

Files

42553e28bbe45169ffedc8f9f692c629_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6564c2a6d9b5205b3ca76e3ca5c20171

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapQueryInformation
GetEnvironmentStringsA
GetCurrentThread
GetLogicalDrives
IsDebuggerPresent
GetCurrentProcessId
GlobalMemoryStatus
WaitForSingleObject
InterlockedExchange
GetACP
GetStdHandle
VirtualProtect
GetTapeStatus
CreateIoCompletionPort
GetModuleHandleA
GetTimeFormatA
LoadLibraryExA
HeapCreate
GetProcessHeap
GetProcessVersion
HeapDestroy

user32

SetActiveWindow
GetFocus
wsprintfA
GetDlgItem
GetWindow
FrameRect
DragDetect
EndPaint
GetTitleBarInfo
GetParent
DrawTextA
ReleaseDC
GetWindowTextLengthA
ShowWindow
GetCursorPos
GetClassNameA
SetForegroundWindow
FillRect
BeginPaint

advapi32

RegEnumKeyA
RegCloseKey
RegFlushKey
RegSetValueExA
RegCreateKeyA

setupapi

SetupCloseLog

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 780KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ