750e52887a925f978489f8f2e23058c5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

750e52887a925f978489f8f2e23058c5_JaffaCakes118
Size

114KB
MD5

750e52887a925f978489f8f2e23058c5
SHA1

2e67e319d5f49cfc66a6c7e01cf71baaee935127
SHA256

67051918c1304e00182cec5a778f78bb3c156287aa2502c503bf9b970f84cd63
SHA512

0b862aefe7a33042c0d6a9a33300bbe14ccf34e590ccf696ccf97e967168c887e95a6ab56ece8f6dc4adbd2a8f48648b318160ac3c21e99d760d55ab75b8fa8e
SSDEEP

3072:f6zBq82+tXXfxjd8NTwG7M7EuuTceKbQO:SzB51mBL7M7EuX9bQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
750e52887a925f978489f8f2e23058c5_JaffaCakes118

Files

750e52887a925f978489f8f2e23058c5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

64e93a7686e0507d9120b03253a84f10

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetMenuItemInfoA
RemovePropW
SetTimer
SetDlgItemTextW
MessageBeep
DialogBoxIndirectParamW
GetWindowTextLengthW
DefWindowProcA
TrackPopupMenu
CharPrevW
CallMsgFilterA
GetMenuItemInfoW
DispatchMessageW
MonitorFromPoint
DialogBoxParamA
SendDlgItemMessageW
GetMonitorInfoA
GetSysColor
LoadBitmapW
GetFocus
RegisterClassW
DeferWindowPos
MsgWaitForMultipleObjectsEx

kernel32

Sleep
GetProcessHeap
InterlockedDecrement
MultiByteToWideChar
CloseHandle
GlobalAlloc
VirtualProtect
lstrlenA
GlobalFree
LocalAlloc
GlobalDeleteAtom
GetThreadPriority
GetModuleHandleA
CreateProcessW
SetEvent
GetSystemTimeAsFileTime
MoveFileExW

gdi32

OffsetRgn
SelectPalette
CreateCompatibleBitmap
GetDeviceCaps
RestoreDC

shlwapi

PathCombineA
PathIsUNCW

ntdll

ZwDeleteFile
NtOpenMutant
NtCreateThread
ZwOpenKey
NtOpenMutant
NtFlushInstructionCache
ZwOpenEventPair

Sections

.text
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ