495da4d834e7fd8309af6993e437ab0d_JaffaCakes118 | Triage

Sharing

General

Target

495da4d834e7fd8309af6993e437ab0d_JaffaCakes118
Size

18KB
MD5

495da4d834e7fd8309af6993e437ab0d
SHA1

512166326eed8ac0bc1e0d4c2f33b23610b18b8f
SHA256

54900b234a0a3f1568f7ea4daf86f11dc5246ae6e633696cb9e3a7e570927127
SHA512

bb0ddb5ca020d6b447452b9c0a78568f0b1229e6911aebcb4cca525d240fdcb060a7218c9b4e34706ef8e50249fe025d0a96e59688fa5c21a8f09199ef3b85c4
SSDEEP

192:8SPvYVynWKCY9Ew7rRvzmbXeucCZuPifANmCot1jbONtHSf8F7:RnY0nmghriuucCZcoCotharE8F7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
495da4d834e7fd8309af6993e437ab0d_JaffaCakes118

Files

495da4d834e7fd8309af6993e437ab0d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0d5c7230dad6c259eec26933d30ee2d3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
PeekConsoleInputA
GetModuleHandleA
LoadLibraryA
GetTimeFormatA
HeapCreate
IsDebuggerPresent
VirtualProtect
HeapDestroy
GetTapeStatus
ResumeThread
GetOEMCP
InterlockedExchange
GlobalMemoryStatus
GetStdHandle
GetSystemTime
GlobalSize
GetCommandLineA
GetSystemDefaultLCID
GetACP
GetCurrentProcessId

user32

GetTitleBarInfo
AnyPopup
EndPaint
GetCursorPos
GetDC
DrawTextA
ShowWindow
GetParent
BeginPaint
SetForegroundWindow
FillRect
wsprintfA
DragDetect
GetClassNameA
FrameRect
GetWindowTextLengthA
ReleaseDC
GetFocus
GetWindow

atl

AtlModuleInit
AtlModuleTerm
AtlAdvise
AtlGetVersion
AtlUnadvise

msutb

GetPopupTipbar

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ