4420657838b21c298d88b23774b09a1e_JaffaCakes118 | Triage

Sharing

General

Target

4420657838b21c298d88b23774b09a1e_JaffaCakes118
Size

375KB
MD5

4420657838b21c298d88b23774b09a1e
SHA1

66cf920d57005ed68e3c4b13a87deeaf47a97949
SHA256

92e703d07fd4e6441190646d6d2361fed734c95adc93d0a3823bac70a2fd838a
SHA512

8678910c95e06dfdb9371aff96031bff9c1886dc25da6327c0adf7d7c93040eabec271cb872ebb842ace9b3db6c22678d2e414ead9e3cf0506ef42cd73bad935
SSDEEP

6144:XL0rkcpLOuLLUM2ccQTAfOIQcMZHTWT0GbJOvHfp1E62MiNU:70rpR/LLURccOAfrQcMZKTx4EnD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4420657838b21c298d88b23774b09a1e_JaffaCakes118

Files

4420657838b21c298d88b23774b09a1e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

127e91a25c8afc7753f9a5c4451d48e5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

PulseEvent
GetCurrentDirectoryA
CreateFileW
GetCommandLineA
HeapCreate
LocalFree
GetCurrentThreadId
lstrcpyA
Sleep
GetModuleHandleA
GetSystemTime
FindClose
LoadLibraryW
CreateThread
lstrlenA
GlobalUnlock
CloseHandle
GetComputerNameA
ResetEvent
UnmapViewOfFile

user32

FillRect
DrawEdge
IsWindow
GetDlgItem
SetFocus
DrawMenuBar
DispatchMessageA
CreateIcon
CheckRadioButton
GetCaretPos
CallWindowProcA
GetDC
CreateWindowExA

cryptui

WizardFree
CryptUIDlgSelectCA
CryptUIDlgCertMgr
CryptUIDlgSelectStoreA
LocalEnroll

appwiz.cpl

ConfigStartMenu

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 299KB - Virtual size: 300KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ