643272fefc2ba173cf8ff7c554dedc41_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

643272fefc2ba173cf8ff7c554dedc41_JaffaCakes118
Size

305KB
MD5

643272fefc2ba173cf8ff7c554dedc41
SHA1

8a0a25dc7a2a5d6e5428d31f09f8357409d2e033
SHA256

a7bb4488e447510cbdf9b17ec4ff0620bc486db5ebade00392f6c86a9c923f0b
SHA512

cc94b5383f9b18ed020372cbc8f59cc6e9bfc3af42639ae2d7c4c653b6c81ea59934dcf9cd8648e3b518490e27ec900a19e661cbcc3a2fcddf7d415cac249225
SSDEEP

6144:GW3wQkI2BNoYMQ8zQUGMC91W7eBVmFk2lM:HayQzW7e0Zl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
643272fefc2ba173cf8ff7c554dedc41_JaffaCakes118

Files

643272fefc2ba173cf8ff7c554dedc41_JaffaCakes118
.exe windows:4 windows x86 arch:x86

410681003783a13f864a07b881658475

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
FindAtomA
GetFileTime
LocalFree
GetCurrentProcessId
CreateEventW
ReleaseMutex
GetPrivateProfileStringA
GetEnvironmentVariableW
HeapCreate
LoadLibraryW
GlobalFlags
FindClose
IsBadStringPtrW
GetDriveTypeA
InitializeCriticalSection
lstrlenW
WriteFile
TlsGetValue
ReleaseMutex

user32

IsWindow
DrawStateW
EndDialog
CreateWindowExA
GetClientRect
DrawTextA
SetFocus
GetSysColor
GetSysColor
CallWindowProcW
GetKeyboardType
DispatchMessageA
GetClassInfoA

rastapi

DeviceDone
DeviceDone
DeviceDone
DeviceDone
DeviceDone

cryptui

LocalEnroll

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 295KB - Virtual size: 294KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ