760036f85b1af738daba51861123d9cd_JaffaCakes118 | Triage

Sharing

General

Target

760036f85b1af738daba51861123d9cd_JaffaCakes118
Size

207KB
MD5

760036f85b1af738daba51861123d9cd
SHA1

2d33e4ef053c95fc510043071f0555ad2e4d6c7a
SHA256

13bcfa5c9a4d5aaf026a723986bc44aec696de5a6039545460f63f1bf9de71ca
SHA512

2221d4b437c7f4748ea59bbb67121bff65f2cc7733531f2a335a97f1b88ed982e78778dae48e6d4356cb5ffb72142d26134c5a4e285071335f34cc68d3d61af4
SSDEEP

6144:D6OFdQ9ILcbxEhtDqp6bimz0g2MNIHjWW29tSS:mRnbsU6b9f2hjWW29tSS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
760036f85b1af738daba51861123d9cd_JaffaCakes118

Files

760036f85b1af738daba51861123d9cd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

328b8c3fc5817dd60f3bca56dda339a9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion
GetStdHandle
lstrlenA
HeapCreate
CloseHandle
GetSystemDefaultLangID
VirtualProtect
InterlockedExchange
CompareFileTime
GetModuleHandleA
GetTickCount
SuspendThread
WaitForMultipleObjects
GlobalUnlock
GetCommandLineA
WaitForSingleObject
GetConsoleCP
HeapReAlloc
LoadLibraryExW
GetProfileIntA
AddAtomA

user32

FindWindowA
CopyImage
SetWindowPos
InsertMenuA
DialogBoxParamA
GetCursorInfo
IsDialogMessage
CreateCursor
DispatchMessageA
CopyRect
EnableScrollBar
CreateMenu
GetDlgItem
InvertRect
CreateCaret
SetScrollInfo
DrawCaption
MessageBoxA
CreateIcon
SetPropA
GetKeyboardLayout
DragObject
GetKeyState
DestroyMenu

advapi32

RegCreateKeyExA
RegEnumValueA
RegCloseKey
RegEnumKeyA
RegQueryInfoKeyA

apphelp

GetPermLayers

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 548KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ