66e58f657eefd99c453ea3612ffddfc8_JaffaCakes118 | Triage

Sharing

General

Target

66e58f657eefd99c453ea3612ffddfc8_JaffaCakes118
Size

299KB
MD5

66e58f657eefd99c453ea3612ffddfc8
SHA1

9bd7e61baa324e6ddd93ba6111f16f3e57231386
SHA256

0716ba730ec712718847f3ddee1a39895c926b5a1b9ab5f7efe87ef1b9ffca0f
SHA512

bcd311d46784f781b6a14e9f8a5fc4a9d39cf83d7660a462a96a080f67ca56bb804cfa1f1e79bb76fee2a5f27b5085e12e9ae055e34262832a3636b436023b14
SSDEEP

3072:o0QGrOCPFzLsuEzgTFeP4JKP6u8dFF863C9TP9SZi+hYtYWdO6oUbvVZutgYZiUF:WUFzwuwSM4jXVExcS9DMgADh3J0c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
66e58f657eefd99c453ea3612ffddfc8_JaffaCakes118

Files

66e58f657eefd99c453ea3612ffddfc8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

92f2ca453e430273f698f386b024e908

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
GetTickCount
SetEvent
PulseEvent
HeapCreate
GetComputerNameA
UnmapViewOfFile
CreateThread
GetCommandLineW
LoadLibraryA
SetLastError
lstrlenA
CloseHandle
LocalFree
Sleep
CreateThread
GetCurrentDirectoryA
GetModuleHandleA
LocalUnlock
GetSystemTime

user32

CheckRadioButton
IsWindow
DispatchMessageA
CallWindowProcA
GetDlgItem
CreateWindowExA
SetFocus
GetKeyState
GetScrollBarInfo
GetDC
DrawEdge
FillRect
DrawMenuBar

clbcatq

UpdateFromAppChange
CheckMemoryGates
DowngradeAPL
SetupOpen
SetSetupSave

desk.cpl

InstallScreenSaver

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 628KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ