42d6ff37c69309c88930f050a26841f1_JaffaCakes118 | Triage

Sharing

General

Target

42d6ff37c69309c88930f050a26841f1_JaffaCakes118
Size

279KB
MD5

42d6ff37c69309c88930f050a26841f1
SHA1

9001d6fa7793e6357f166749c76d8ed455d81210
SHA256

9a3aabc7b5b8a86dd094e4454775758eec64e4c3aab1032273d5d4a3de361f04
SHA512

a854d47effb88bd61fd3851b2c829d33a19ae72d71ade7f28cfb81b43553accc777076458412cd505430356ee439489430602390cb86a154025b62e2293c44f0
SSDEEP

3072:H8ziGNQ7WpPgVYyX/4rjWN5nZ+hWgZ29L+faLYxSLV5GNKOapuafFqwP4Y8cbbS2:HPB7WpoKuN5Z+BkLdqgSopTTbnSi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42d6ff37c69309c88930f050a26841f1_JaffaCakes118

Files

42d6ff37c69309c88930f050a26841f1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2491e109574d15621477997c345ee9c0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CompareStringA
CreateEventA
CreateFileA
CreateThread
EnterCriticalSection
ExitThread
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentVariableA
GetLocaleInfoA
GetProfileStringA
GetThreadPriority
GetTickCount
GetVersionExA
GlobalAlloc
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
LocalLock
LocalUnlock
ReleaseMutex
SetEvent
SetFilePointer
SetLastError
Sleep
WaitForSingleObject
WriteConsoleA
lstrcmpiA
lstrcpynA
lstrlenA

user32

wsprintfA
AdjustWindowRectEx
CreateWindowExW
DefWindowProcW
DestroyIcon
FindWindowW
GetWindowRect
IsWindowEnabled
RegisterClassExW
SetActiveWindow
SetCursor
SetMenuItemInfoW
SetRectEmpty
TranslateAcceleratorW

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 264KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ