60a2d1fa79d5495aa9f019d2c6226ae1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

60a2d1fa79d5495aa9f019d2c6226ae1_JaffaCakes118
Size

637KB
MD5

60a2d1fa79d5495aa9f019d2c6226ae1
SHA1

552582159869616ed49da362ec2210029e2f69c3
SHA256

6dedfe1eaddafe3b0fe4cf9b5cd987deab6973bdac4a43e3c2ad30ccaff9d207
SHA512

c44b6ed609ed482d95647b7d8fd5b659b93279d3765d5d3147bdc5cae425ccc6b82eb43893306f05ece0e04422309c794780d483fa13e72ebe3fc10b552cdbb4
SSDEEP

12288:lzKTBwOoP9oO6ZQTjwbkJPyXpJmuIwFPzk605Aky+oklRfg1JOpA0zvZ3:NoGPyRQXkkJaXrmu05Ak6MRoXyhB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
60a2d1fa79d5495aa9f019d2c6226ae1_JaffaCakes118

Files

60a2d1fa79d5495aa9f019d2c6226ae1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

58f99735f089effc38a179150e84c4a4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindAtomA
GetTickCount
LoadLibraryA
lstrlenA
WaitForSingleObject
GlobalUnlock
VirtualProtect
CloseHandle
GetACP
GetConsoleCP
GetProfileIntA
GetAtomNameA
GetModuleHandleA
CompareFileTime
HeapReAlloc
GetStdHandle
TlsGetValue
TlsFree
GetVersion
HeapWalk
InterlockedExchange

user32

PostMessageA
InsertMenuA
SetPropA
GetScrollRange
DispatchMessageA
ModifyMenuA
UpdateWindow
DialogBoxParamA
SubtractRect
InflateRect
GetMenuStringA
SetWindowPos
GetWindowTextA
CopyRect
ShowWindow
GetDlgItem
EqualRect
MessageBoxA
GetKeyboardLayout
DestroyMenu
PostQuitMessage
LoadIconA
CreateCaret
EnableScrollBar
PaintDesktop
GetSubMenu
TranslateMessage
GetMenu

msi

MsiCloseHandle
MsiEnumProductsA
MsiEnumClientsA
MsiDoActionA
MsiGetMode

uxtheme

GetThemeBool

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ