486809eb4d6dc79af9307156229d2b81_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

486809eb4d6dc79af9307156229d2b81_JaffaCakes118
Size

352KB
MD5

486809eb4d6dc79af9307156229d2b81
SHA1

ccff67650ee28ba8f6c93654804020fdff73ad42
SHA256

11de47f01fcc5f3caa2e0c4fe2270caa1e44a22911f9c326ceef82d1be876fb2
SHA512

6bbcd40125144f8b7651708e43df20cf21b062ebb2a560e65c4c6d1678e392c0f7da9e92b870a6cb31e1a3d2d7499490a255879a0cc869886abd791d9c44ce86
SSDEEP

6144:1gkgY3+3E05ybdwpF4cuPPeuaURhubgyw0JomzfpfyMjAGgPzmW14vv:1kY3KOwoTPTrIbgLg1ANPEX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
486809eb4d6dc79af9307156229d2b81_JaffaCakes118

Files

486809eb4d6dc79af9307156229d2b81_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0bd8c88a6674102fd0878c8465422cd6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

PulseEvent
GetTickCount
GetCommandLineW
FindClose
GetComputerNameA
lstrlenA
UnmapViewOfFile
GetModuleHandleA
CloseHandle
GetCurrentDirectoryA
GetSystemTime
LocalFree
LoadLibraryW
ResetEvent
HeapCreate
CreateThread
lstrcatA
GlobalUnlock
CreateFileW
Sleep

user32

SetFocus
GetDC
IsWindow
FillRect
CheckRadioButton
DrawEdge
DispatchMessageA
DrawMenuBar
GetScrollBarInfo
CallWindowProcA
GetKeyState
CreateWindowExA
GetDlgItem

clbcatq

SetupOpen
SetSetupOpen
UpdateFromAppChange
CheckMemoryGates
DowngradeAPL

timedate.cpl

CPlApplet

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 580KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ