63fc094c6b70db070a09d5e5af7279c3_JaffaCakes118 | Triage

Sharing

General

Target

63fc094c6b70db070a09d5e5af7279c3_JaffaCakes118
Size

75KB
MD5

63fc094c6b70db070a09d5e5af7279c3
SHA1

0aec4c6888992939d8b1a5d60d53e2cd92157377
SHA256

2d5b4569b04ef652c04a5aabec23f5722d9c61b4f2d145afda743164a84a471d
SHA512

6b3d5ea429e076282eab648c56aa01d8e14aa20922ff57fd5761cea2f960e49ec4566e8db7d4cc768e43bc472b7102ce448ff2bdf3b081179fc07e4907300572
SSDEEP

1536:0nAD0qCT/aqWdK1xEwzayYnn7NJGGxL0WRoXeafq/hXDe6:0AD097y4vhI9lRoX/CpXD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
63fc094c6b70db070a09d5e5af7279c3_JaffaCakes118

Files

63fc094c6b70db070a09d5e5af7279c3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b9ed95b1bdfd81fe1fbb6cedd0ff3785

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetActiveWindow
GetDesktopWindow
EnumChildWindows
SetWindowTextA
IsCharAlphaA
DialogBoxParamA
SetWindowLongW
MoveWindow

ole32

CoCreateFreeThreadedMarshaler
CoRevokeClassObject

comctl32

InitCommonControlsEx

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

kernel32

SetFileAttributesA
GetStartupInfoA
SuspendThread
InitializeCriticalSection
DeleteCriticalSection
LoadResource
GetDateFormatA
GetTickCount
FindResourceExA
ExitProcess
GetTimeZoneInformation
FreeLibrary
GetProcAddress
LoadLibraryA
LocalFree
LocalAlloc
IsBadStringPtrA
HeapCreate

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ