66de8e793c5b12fc59e2433a800350bf_JaffaCakes118 | Triage

Sharing

General

Target

66de8e793c5b12fc59e2433a800350bf_JaffaCakes118
Size

33KB
MD5

66de8e793c5b12fc59e2433a800350bf
SHA1

7b22fca3d9b793ec6b41847a252d0af779d0970d
SHA256

56fc71f92fd431be7506a8c2d5aeef7bad9ddc70471cfb1f68c3fcc4c4f90e0a
SHA512

f068e58ab7d081e82bd5fa7cffe6eb67cab2ab9fbf5f117322b9c6e846b2175439b008871946159b7b0d34fe3776983a265e71b5423034104c3da8db1d7be5b7
SSDEEP

768:cyTq5KLMqsOj6LGkD19/wwlP8/DXfvbOUDp8leGs3nStS0v:zScMeWLGkD19/wwqrX97GO2t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
66de8e793c5b12fc59e2433a800350bf_JaffaCakes118

Files

66de8e793c5b12fc59e2433a800350bf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0ee11072b6da99b43e1563f107acd655

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPriorityClass
GetCurrentProcess
GetLastError
LoadLibraryA
ExitProcess
GetProcessTimes
GetCurrentThreadId
ExitThread
GetTickCount
GetCurrentThread
CreateThread
GetModuleHandleA
GetModuleFileNameA
VirtualAlloc
GetCommandLineA
GetCurrentProcessId
GetThreadPriority
Sleep
GetStartupInfoA
GetProcessHeap
FreeLibrary

user32

GetSystemMetrics
GetWindow
GetActiveWindow
GetWindowTextLengthA
GetForegroundWindow
GetWindowTextA
IsWindowVisible
GetWindowDC
RegisterClassA
GetDC
GetWindowLongA
OpenIcon
ShowWindow
ReleaseDC
GetFocus
UpdateWindow
BeginPaint
CreateWindowExA
GetClassLongA

advapi32

IsTextUnicode
RegCloseKey
GetUserNameA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA

version

VerLanguageNameA
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ