0125333cb960f3f092bb41693d335720_JaffaCakes118 | Triage

Sharing

General

Target

0125333cb960f3f092bb41693d335720_JaffaCakes118
Size

303KB
MD5

0125333cb960f3f092bb41693d335720
SHA1

838f41c21e09aeb0d7361522b1512b48ed50359d
SHA256

744074f3591b0e8e77742cab480ae32f56e162add5738824c737f025f4e39911
SHA512

d8c563885ea3c57f19c462b70cb148e139c6f87979afa8f0fc3858f0a78fe85be1776c81ac06ba786ee5163983742a102c48ce89e2f8b3b74c5d5170e5db947d
SSDEEP

6144:BiCVdqfge27p7ILeM2sJQ77n4KvfjXDOV7kwyEU9JD:BiHb2JIiM2Em7vfDY7Zyr9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0125333cb960f3f092bb41693d335720_JaffaCakes118

Files

0125333cb960f3f092bb41693d335720_JaffaCakes118
.exe windows:4 windows x86 arch:x86

41cdf23c0f55f15635c15812d29704aa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

lstrcpyA
LeaveCriticalSection
HeapCreate
SetFileTime
GetModuleHandleA
lstrcatA
LoadLibraryA
GetExitCodeProcess
IsBadWritePtr
FindResourceW
CloseHandle
GetFileSize
SetFileTime
GetLastError
CreatePipe
FormatMessageW
InitializeCriticalSection
SetFileTime
GetStartupInfoW
CreateMutexW
ReadFile

msi

MsiCollectUserInfoA
MsiAdvertiseProductW
MsiConfigureFeatureA
MsiDatabaseCommit

user32

GetWindowLongW
PeekMessageW
IsDialogMessageA
DispatchMessageA
GetWindowRect
SetFocus
MessageBoxA
IsWindow
IsZoomed
LoadCursorW
wsprintfW
GetWindowTextA
PostMessageW

clbcatq

SetSetupSave

Sections

.text
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 293KB - Virtual size: 293KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rich
Size: 1KB - Virtual size: 193B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ole
Size: 512B - Virtual size: 129B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE