6a2428d8a59661603be81ce5373d8ece_JaffaCakes118 | Triage

Sharing

General

Target

6a2428d8a59661603be81ce5373d8ece_JaffaCakes118
Size

17KB
MD5

6a2428d8a59661603be81ce5373d8ece
SHA1

f3b2ce8465bc48fd31747c9b87c6a7b6a491393c
SHA256

29a570844454b14ff83ad0b3a04d4606b264626bfbeaf0a9b6ce20a17283f2a3
SHA512

0f660dd48a2938dfe2d5b6fd6a08fc7826787b457619746a5cc373fbbf12c2b2dc0abe90fa7414a089880c7a0c9c39dcbe938d7d227253b0f22dd30d3aec1307
SSDEEP

192:6pEesgcswhI3ML/BCNLxvC3xRqEa9zJij9allV1rLYs:EtsGwhI3MLAvCXstij9allV1Ys

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6a2428d8a59661603be81ce5373d8ece_JaffaCakes118

Files

6a2428d8a59661603be81ce5373d8ece_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b116483dde5d2de9d715d839093328b5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
GetTickCount
GetConsoleCP
lstrlenA
CloseHandle
SuspendThread
GetStdHandle
CompareFileTime
GetCommandLineA
HeapCreate
GetAtomNameA
InterlockedExchange
GlobalUnlock
GetModuleHandleA
WaitForMultipleObjects
GetSystemDefaultLangID
OpenMutexA
HeapReAlloc
GetVersion
SetConsoleCP
VirtualProtect

user32

DestroyMenu
DragObject
SetScrollInfo
InsertMenuA
InvertRect
SetWindowPos
DrawCaption
IsDialogMessage
CreateCursor
DialogBoxParamA
FindWindowA
MessageBoxA
GetKeyboardLayout
SetPropA
DispatchMessageA
CreateMenu
GetDlgItem
CreateIcon
DispatchMessageA
GetCursorInfo
EnableScrollBar
GetKeyState
CopyImage

advapi32

RegEnumValueA
RegCreateKeyExA
RegEnumKeyA
RegQueryInfoKeyA
RegCloseKey

uxtheme

GetThemeColor

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ