6afcf98dc1c29044642aeac8ddafd104_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6afcf98dc1c29044642aeac8ddafd104_JaffaCakes118
Size

743KB
MD5

6afcf98dc1c29044642aeac8ddafd104
SHA1

a44201af9ee06e69d0dacb034bda5f6dadb910c9
SHA256

d7d3f0420a320fbcce80bec9a2531deae34ae190f43f6905c59d0335695e7448
SHA512

65886b4257dbb8b650d2f4dc736a03408f317210771bb2dd41652b5d0056671a75ea317856a8789c54ce05e07cbf03330ff9f72d9040985ff0dfd446357c123c
SSDEEP

12288:z3kZ3N/IAglXYflZwiFJbO7cxMRbXqhI+N+b1YVTPs/sVmeU/vTs25w3pDZk:zOdXglYzwaU8MRWdTPPXUT75q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6afcf98dc1c29044642aeac8ddafd104_JaffaCakes118

Files

6afcf98dc1c29044642aeac8ddafd104_JaffaCakes118
.exe windows:4 windows x86 arch:x86

696085e00de29947891de022c20c7902

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
GetSystemTime
LoadLibraryW
FreeConsole
ExitProcess
GetTickCount
GetModuleHandleA
GetACP
CloseHandle
GetVersion
VirtualProtect
GetLocalTime
HeapReAlloc
PulseEvent
GlobalFlags
FindResourceExA
AddAtomA
TlsFree
InterlockedExchange
SetEvent
GetBinaryTypeA

user32

GetKeyboardLayout
GetWindowLongA
PostMessageA
GetSubMenu
SetSysColors
ModifyMenuA
GetDlgItem
ShowWindow
TranslateMessage
MessageBoxA
DispatchMessageA
SetPropA
GetMenuStringA
InsertMenuA
ScrollDC
CopyRect
GetMenu
InflateRect
GetScrollRange
EnableScrollBar
SetWindowPos
GetParent
EqualRect
PostQuitMessage
GetWindowTextA
DialogBoxParamA
DestroyMenu
UpdateWindow
LoadIconA

shlwapi

UrlCombineA
StrTrimA
StrToIntExA
UrlHashA
StrToIntA

clbcatq

CoRegCleanup

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ