65c2691c1a350d4c0b109eab47408fdf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

65c2691c1a350d4c0b109eab47408fdf_JaffaCakes118
Size

815KB
MD5

65c2691c1a350d4c0b109eab47408fdf
SHA1

cbbebbade91aad0f5f9be791fdc6a4b18f33aa00
SHA256

232225a96cc721daa4645a61c51e7fc57933014fc44c9aaf5aaa1e2216154dcf
SHA512

debf068bf8b01876afc42adcc76f89a27e4edad480167e6351bd379c3d3aaea284157492d6ea3f9ab085e508b6504bb7fa12bd3d4b8e290de91406194b521ee7
SSDEEP

12288:fMsrDGUENZU8MYJEIai2F6qje6YS6+Am7eu/EsyiHjxqoXexFIDb0vWjFlGWX7tS:fXrD7ihKy2kqh5ouj90DWuW5lGZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
65c2691c1a350d4c0b109eab47408fdf_JaffaCakes118

Files

65c2691c1a350d4c0b109eab47408fdf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0793d2b2ba5b6781b0e81a8bf42279eb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFree
GlobalUnlock
FindClose
GetACP
Sleep
CreateFileA
LoadLibraryExA
FreeEnvironmentStringsA
LocalLock
GetConsoleAliasW
CloseHandle
GetConsoleCP
GetLastError
GetCalendarInfoA
WaitForMultipleObjects
CreateFileMappingA
TlsGetValue
FindAtomA
GetModuleHandleA
HeapCreate

user32

IsWindow
DrawTextA
FillRect
GetDlgItem
CheckRadioButton
DispatchMessageA
GetIconInfo
DrawEdge
CallWindowProcA
DefWindowProcW
CopyRect
GetDC
SetFocus
MessageBoxA

setupapi

CM_Add_Range
SetupCloseLog
CM_Add_IDA
SetupCloseInfFile
CMP_Report_LogOn

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ