664fae444e49262f0f251ea95aaceeeb_JaffaCakes118 | Triage

Sharing

General

Target

664fae444e49262f0f251ea95aaceeeb_JaffaCakes118
Size

274KB
MD5

664fae444e49262f0f251ea95aaceeeb
SHA1

9cca6b24d6471d8cdeaa8ee3638d94695c1cdfd7
SHA256

64108c88407b40765449f604375f68b8e19bae952471f85cf748c56e1aa9ff00
SHA512

c7acb96b9faa5a72c8118b1e3b0372bf666c6a5f6389dcb11ce5d45ad01cb05c0aeae16452501875429f7ee6f5816dab27c6ac577337bab83129cbbe0b2458b4
SSDEEP

6144:qfm0vq2bhYACmy46t2gTeI4M/XI1qV857JeTOA8QAGT7yIedBc:tGV0vJt8MIsV8gw67y3dB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
664fae444e49262f0f251ea95aaceeeb_JaffaCakes118

Files

664fae444e49262f0f251ea95aaceeeb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d4d86333bb2a90d0e7deee3bc468308b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

UnregisterClassA
CharUpperW
DialogBoxParamW
SetFocus
MessageBeep
GetActiveWindow

kernel32

MulDiv
GetStartupInfoA
SetEndOfFile
GetModuleFileNameW
VirtualProtect
Sleep
LoadLibraryA
GetACP
GetLocaleInfoA
GetLastError
SetConsoleCP
GetEnvironmentStringsW
GetStdHandle
SetStdHandle
GetOEMCP
MultiByteToWideChar
InitializeCriticalSectionAndSpinCount
WaitForMultipleObjects
GetCommandLineA
GetFileType
HeapSize
GetModuleHandleA
ExitProcess
GetVersion
HeapAlloc

gdi32

SelectObject
GetDeviceCaps

msvcrt

_lock
??0exception@@QAE@ABV0@@Z
_XcptFilter

ole32

CoUninitialize

advapi32

RegCloseKey

Sections

.text
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 217KB - Virtual size: 753KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ