723ec5d67f9ca8a5002961918779e6a9_JaffaCakes118 | Triage

Sharing

General

Target

723ec5d67f9ca8a5002961918779e6a9_JaffaCakes118
Size

408KB
MD5

723ec5d67f9ca8a5002961918779e6a9
SHA1

638c6be1fb33388cea1f7314f3e3cee93ebe7a48
SHA256

25ce727e2bd9abc0bcfe069a9b4ff94ef54f86ea0e873c035331147820abf14f
SHA512

b2858e8baca245dfd80e0ceb3660bc98124f5ad82c75d6669f4aba5621076998bdb79f0ce3abf6fdf99e5b9806ab23b5801860311f9b2041ecc7ca3908949e03
SSDEEP

12288:WG3O/zHtqHqWFVM78Q6cpOGmj+f+m/rcjUC2l5:WG3bq0ksXjFm/rjl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
723ec5d67f9ca8a5002961918779e6a9_JaffaCakes118

Files

723ec5d67f9ca8a5002961918779e6a9_JaffaCakes118
.exe windows:32968 windows x86 arch:x86

959deb51a2feb8c1012131c16b0d2b64

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

IsWindow
ReleaseCapture
BeginPaint
DestroyIcon
GetSystemMetrics
InvalidateRect
DispatchMessageW

kernel32

LoadLibraryExW
VirtualAlloc
SetUnhandledExceptionFilter
lstrcpyW
HeapAlloc
ExitProcess
LoadLibraryA
GetCurrentThreadId
LocalAlloc
GetStartupInfoA
GetCommandLineA

gdi32

DeleteDC
GetStockObject
PatBlt
CreateCompatibleBitmap
SelectObject

advapi32

RegDeleteKeyW
RegOpenKeyExW
InitializeAcl
RegCreateKeyExW
RegOpenKeyExA
InitializeAcl
RegCreateKeyExW

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 388KB - Virtual size: 964KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ