6874ac8cab46f616d370702e043d70c5_JaffaCakes118 | Triage

Sharing

General

Target

6874ac8cab46f616d370702e043d70c5_JaffaCakes118
Size

636KB
MD5

6874ac8cab46f616d370702e043d70c5
SHA1

015cfca3657236442c7131028495ce045c8921c3
SHA256

4222a10635ef3db7503d105be1409aa8d4ba4b839bded7d9b518d5c3beec081e
SHA512

98560a81b3dd70a9fd6d2102d337bedd7b6765d791c2dcc8a9782829ac15448fa3a782fabee9bcc9e4c05b756a62fa62d080c33085f1b870393d7f4b4bb44407
SSDEEP

12288:0wQBI2ox0auZK248B7xIGJ3bGNacM+oz8JGuS4wLSlFd:0wAh60aiIM7x5xbMLom44wmF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6874ac8cab46f616d370702e043d70c5_JaffaCakes118

Files

6874ac8cab46f616d370702e043d70c5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

970c23ab0f0dea1d6a1feaa76a4dec2c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnlock
GetModuleHandleA
GetSystemDefaultLangID
GetAtomNameA
GetVersion
SetConsoleCP
CloseHandle
SearchPathA
GetConsoleCP
GetTickCount
HeapReAlloc
WaitForMultipleObjects
GetStdHandle
VirtualProtect
SuspendThread
HeapCreate
CompareFileTime
WaitForSingleObject
InterlockedExchange
lstrlenA
GetCommandLineA

user32

CreateIcon
DispatchMessageA
DragObject
GetKeyState
CopyImage
DrawCaption
IsDialogMessage
DestroyMenu
CreateCursor
DialogBoxParamA
DispatchMessageA
SetPropA
EnableScrollBar
InvertRect
InsertMenuA
SetWindowPos
GetDlgItem
SetScrollInfo
FindWindowA
CreateMenu
GetCursorInfo
MessageBoxA
GetKeyboardLayout

advapi32

RegQueryInfoKeyA
RegEnumKeyA
RegEnumValueA
RegCloseKey
RegCreateKeyExA

uxtheme

GetThemeColor

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 600KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ