708839c02300ea8b40211bb85d3be279_JaffaCakes118 | Triage

Sharing

General

Target

708839c02300ea8b40211bb85d3be279_JaffaCakes118
Size

316KB
MD5

708839c02300ea8b40211bb85d3be279
SHA1

ada43dda8ea9cea562189b15329ee2600adb5741
SHA256

0130d4380540b032c9621b3c68ca8d969203a2c00f6e86ebeb702b4e509aef19
SHA512

ac35bc6b9d46eb53ab84d7741e40279eb7a258b91cc436eec1fdb26e12112e1cc16d7ad09bcc3bf1ff40b7db1f8fd0198badecd455e97d8044d1243f8671f704
SSDEEP

6144:t7hgMbyt+/lFO7UXdj5hcD28Ek5k+6GGv+H1wpZnjZr0J/x:hhgxtAA70R5uq89H6EHe3pUx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
708839c02300ea8b40211bb85d3be279_JaffaCakes118

Files

708839c02300ea8b40211bb85d3be279_JaffaCakes118
.exe windows:4 windows x86 arch:x86

478dbdfe2f210767d6ec00e96163e9f9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
OpenSemaphoreA
GetStdHandle
GetModuleHandleA
FlushFileBuffers
GetEnvironmentStringsA
GetThreadPriority
GetSystemDirectoryA
GetCurrentProcess
FindAtomA
IsDebuggerPresent
GetCompressedFileSizeA
InterlockedExchange
GlobalFree
GetACP
VirtualProtect
HeapCreate
GetExpandedNameA
GetCurrentThread
WriteConsoleA
FormatMessageA

user32

GetWindow
GetDlgItem
GetParent
EndPaint
wsprintfA
DrawTextA
FrameRect
GetCursorPos
SetForegroundWindow
GetClassNameA
SetActiveWindow
BeginPaint
FillRect
GetFocus
ReleaseDC
IsIconic
ValidateRgn
GetWindowTextLengthA
ShowWindow

linkinfo

ResolveLinkInfoA
DestroyLinkInfo
GetCanonicalPathInfoA
IsValidLinkInfo
GetLinkInfoData

rtutils

LogEventW

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 708KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ