67fff38e6e845eab6eb51f09cd4b7010_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

67fff38e6e845eab6eb51f09cd4b7010_JaffaCakes118
Size

156KB
MD5

67fff38e6e845eab6eb51f09cd4b7010
SHA1

01dc3b9ecf91d99a440a2a2f50db54b2977891fb
SHA256

fff30cbc3eb63c1e52896096c722b72df3a284e5a102d0cbff592fbde0d8aa2f
SHA512

1678806d98b59019a056436933228c313c3d313715eb21977ac7f2fd64f063be2680133d24f25072f02b423a961706d2a09577c5ceb7fa7b3085fefb633b2742
SSDEEP

3072:nqzE7IIrUU/6bs0TYA1JNZL5Ycu1TrMh+MVJrfhNAwHGOE20+18kSYRWg8bLXunN:P6b9TNJNju1HC7VpxmR+D8bLXQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67fff38e6e845eab6eb51f09cd4b7010_JaffaCakes118

Files

67fff38e6e845eab6eb51f09cd4b7010_JaffaCakes118
.exe windows:4 windows x86 arch:x86

42125097ba4d2e0c07fc3676272c4681

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProfileIntA
CloseHandle
AddAtomA
GetConsoleCP
GetModuleHandleA
GetStdHandle
HeapCreate
WaitForSingleObject
GetTickCount
lstrlenA
CompareFileTime
GetSystemDefaultLangID
WaitForMultipleObjects
InterlockedExchange
VirtualProtect
GetVersion
HeapReAlloc
GetCommandLineA
OpenMutexA
GlobalUnlock
SuspendThread

user32

DrawCaption
DispatchMessageA
DestroyMenu
DialogBoxParamA
CreateMenu
DragObject
SetPropA
GetCursorInfo
SetWindowPos
InsertMenuA
InvertRect
EnableScrollBar
IsDialogMessage
GetKeyboardLayout
CreateCursor
CopyImage
CreateIcon
MessageBoxA
GetKeyState
GetDlgItem
DispatchMessageA
FindWindowA
SetScrollInfo

advapi32

RegCreateKeyExA
RegQueryInfoKeyA
RegEnumValueA
RegCloseKey
RegEnumKeyA

uxtheme

GetThemeColor

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 532KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ