Static task
static1
Behavioral task
behavioral1
Sample
613e7360ed37fd00390c54c3c68bd866_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
613e7360ed37fd00390c54c3c68bd866_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target: 613e7360ed37fd00390c54c3c68bd866_JaffaCakes118
Size: 122KB
MD5: 613e7360ed37fd00390c54c3c68bd866
SHA1: 0fc4f2883fb75f4767eed78273ca8d0b3b8804bb
SHA256: 4c1e81418e929df61e26ab1fd8e16f66a7e7fba8984e34f2bfd75be89a0720c8
SHA512: 10464a6427494c5741780b63a3542e1b85c531a9430557a8cf2092b973e2bb9268dcdf750427bef1466d5dc0934df167bb73ffe66001292b8071269405decfed
SSDEEP: 3072:TMA12batZ1CZN8kJXUYxGb48YiC8CKchWevqBSjr:Tt8ZN8ku/vQVWDe
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 613e7360ed37fd00390c54c3c68bd866_JaffaCakes118
Files
613e7360ed37fd00390c54c3c68bd866_JaffaCakes118.exe windows:4 windows x86 arch:x86
b36d4a35887fb898d9f69f310dc933d5
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateFileMappingA
EnumCalendarInfoA
ExitProcess
FileTimeToLocalFileTime
GetFileAttributesW
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
IsDebuggerPresent
LoadLibraryA
VirtualAlloc
VirtualFree
user32
EnableMenuItem
EndPaint
GetDC
GetDesktopWindow
GetSubMenu
GetWindowPlacement
MapWindowPoints
SetWindowPos
SetWindowTextA
gdi32
GetCurrentPositionEx
SetStretchBltMode
TextOutA
shell32
DragQueryPoint
SHGetFileInfoA
SHGetFolderLocation
Shell_NotifyIconW
Sections
.text Size: 42KB - Virtual size: 41KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 1024B - Virtual size: 913B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 77KB - Virtual size: 77KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 128KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ