473abbf4fbfca11973e30f69bbb5b4b3_JaffaCakes118 | Triage

Sharing

General

Target

473abbf4fbfca11973e30f69bbb5b4b3_JaffaCakes118
Size

352KB
MD5

473abbf4fbfca11973e30f69bbb5b4b3
SHA1

15949c3e8342cb7d1f9a95a822465bda8c17d725
SHA256

adfc597c36f6ff2fec61488bbe495d414a2491819216b385f371d7f00456d19b
SHA512

b11e1884a7bf95593dc9281182a87344c2e10d1e7c412d8c85574c3b822bdb06bab3f4ddc47c67a15f28aa7f96cb5b6af35f72cf2a6b41be7906113506c1ac2c
SSDEEP

6144:lmug2t5Acd07AfV9xZF3pRaUyLN7XT7iUOo1TCmv1V4UvZZCKkDOOkXGJA01:lNTwc/PRaUyLNTOU7TZ5HkDBkXGS4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
473abbf4fbfca11973e30f69bbb5b4b3_JaffaCakes118

Files

473abbf4fbfca11973e30f69bbb5b4b3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f575d6c5b5a046fb283e961bbd1713e8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
LocalFree
GetSystemTime
CancelIo
CloseHandle
CreateMutexA
IsBadReadPtr
GetConsoleTitleA
LoadLibraryExW
GlobalLock
GetStdHandle
GetModuleHandleA
EnumResourceTypesW
VirtualProtectEx
lstrlenA
CreateEventA
IsDebuggerPresent
FreeConsole
FindClose
GlobalUnlock

user32

LoadCursorA
CreateWindowExA
EnumWindows
GetSubMenu
GetParent
EndDialog
GetMessageA
GetKeyState
GetDlgItemTextA
IsMenu
DialogBoxParamA
IsIconic
GetMessageA
MessageBoxA

clbcatq

GetComputerObject
GetCatalogObject
SetSetupOpen
CheckMemoryGates
ComPlusMigrate

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ