67f8aad4cf5212a205f417d5096e91c1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

67f8aad4cf5212a205f417d5096e91c1_JaffaCakes118
Size

636KB
MD5

67f8aad4cf5212a205f417d5096e91c1
SHA1

78c1fe9fd0d7b9118bba016a0d49cf5bff03c079
SHA256

48a68a1e6b280aa52f19083bd84c136331e0b3d695ecb60cbba7feafba37333e
SHA512

f831649b801c1607df170e511beb74d74d72d3527169360aaa8734393424d5b897e8a70c1450aa7c367122335b5760f4ab59397dc106aba0b3835492f9a57b9c
SSDEEP

12288:vyWFNcU2j2IK66uxQf0XCFo20551DfE2RRU/pGV44Vg69MwbO+kPzd1lHYi0myMj:TFNcrj2INQf0XCypfE2fUkg6vbKd3Y+x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67f8aad4cf5212a205f417d5096e91c1_JaffaCakes118

Files

67f8aad4cf5212a205f417d5096e91c1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a9c0e7440dcb44d0bd8a0e9d24a3c42e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
GetSystemDefaultLangID
CloseHandle
LoadLibraryExA
WaitForMultipleObjects
VirtualProtect
GetAtomNameA
HeapReAlloc
GetModuleHandleA
InterlockedExchange
lstrlenA
GlobalUnlock
SuspendThread
SetConsoleCP
GetStdHandle
GetConsoleCP
GetTickCount
GetVersion
WaitForSingleObject
CompareFileTime
HeapCreate

user32

DispatchMessageA
GetDlgItem
GetCursorInfo
EnableScrollBar
CreateIcon
DialogBoxParamA
FillRect
GetKeyState
CopyImage
DragObject
SetScrollInfo
CreateMenu
InvertRect
IsDialogMessage
SetPropA
DrawCaption
DestroyMenu
InsertMenuA
GetKeyboardLayout
SetWindowPos
FindWindowA

advapi32

RegEnumKeyA
RegCreateKeyExA
RegQueryInfoKeyA
RegCloseKey
RegEnumValueA

apphelp

ApphelpCheckExe

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ