6376679e35819febab94546f7a383938_JaffaCakes118 | Triage

Sharing

General

Target

6376679e35819febab94546f7a383938_JaffaCakes118
Size

167KB
MD5

6376679e35819febab94546f7a383938
SHA1

f16daef730947d5f218dd2601d219ddbba5e4a6f
SHA256

3fdce7e9339b95a96a8e0e98db1ae4f650ebf6bb31ab0cfbb2b29e6d40ec448b
SHA512

86d92060f1ae96386b5bcd114b446b0f646840368752b18fa6abf630f37587136932e44d9692b21b35a2a4237519db58de1041472d532d523ae144b9c4ad4010
SSDEEP

3072:fM4cGYJQY1NoCJRsrYq4w9dMM8t/Iv9XjYoUk9mnm5Wr:ncdQY1Kj9dMPt/IlHJmpr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6376679e35819febab94546f7a383938_JaffaCakes118

Files

6376679e35819febab94546f7a383938_JaffaCakes118
.exe windows:4 windows x86 arch:x86

beafb166e5d7c09cd28e3f2d56f161d2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForMultipleObjects
SetConsoleCP
lstrlenA
HeapCreate
LoadLibraryExA
GetCommandLineA
InterlockedExchange
GetConsoleCP
GetTickCount
CloseHandle
SuspendThread
WaitForSingleObject
GlobalUnlock
GetSystemDefaultLangID
HeapReAlloc
GetStdHandle
GetAtomNameA
GetModuleHandleA
GetVersion
CompareFileTime
VirtualProtect

user32

SetWindowPos
DragObject
GetKeyState
DispatchMessageA
InsertMenuA
IsDialogMessage
GetKeyboardLayout
FillRect
DrawCaption
InvertRect
SetPropA
FindWindowA
SetScrollInfo
EnableScrollBar
DestroyMenu
CreateMenu
GetDlgItem
CreateIcon
DialogBoxParamA
GetCursorInfo

advapi32

RegCloseKey
RegCreateKeyExA
RegEnumKeyA
RegQueryInfoKeyA
RegEnumValueA

version

VerQueryValueA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 780KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ