78da66816dc95db64602cca23358e5b9_JaffaCakes118 | Triage

Sharing

General

Target

78da66816dc95db64602cca23358e5b9_JaffaCakes118
Size

80KB
MD5

78da66816dc95db64602cca23358e5b9
SHA1

556d7f6f9471c759ede4da7e9c0c72e15a56dc39
SHA256

cd8c3f6671d4427997962f3a95a7231f9fae2e8da6f97a11dafbff461b5b9ad7
SHA512

b91c2733f767649f0770fe2345cd7c537cc5cfc7fd93b5fe07ddf34411737bca19e0ed411242737546337742836d3cdf43fb86b2f95d9e3f8bbaa2056d1af9ab
SSDEEP

1536:trEzoxB3aVrtmvDf4EgqgNwAdhERadIaAz4lD+R0Djgk:JgoPurtmrw3PNwAgEdizGY0Yk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
78da66816dc95db64602cca23358e5b9_JaffaCakes118

Files

78da66816dc95db64602cca23358e5b9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

74682935749887e43f3788d498cca3d7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SuspendThread
CreateWaitableTimerW
GetCurrentProcessId
LoadLibraryA
CancelWaitableTimer
ResumeThread
VirtualAlloc
CreateFileW
MultiByteToWideChar
GetCurrentThread
InterlockedIncrement
GlobalUnlock
TerminateThread
DeleteFileW
GetProcAddress
CreateProcessW
GetVersion
SetCurrentDirectoryW
SetLastError

user32

SystemParametersInfoW
IsWindow
SetCapture
WindowFromPoint
SendDlgItemMessageW
DispatchMessageW
SetForegroundWindow
UpdateWindow
EndDialog
RegisterClassExW
GetWindowDC
SetDlgItemTextW
CreateWindowExW
DrawTextW
LoadIconW
PostQuitMessage
GetKeyState
IsDlgButtonChecked
LoadCursorW
DialogBoxParamW
ReleaseCapture
FillRect
LoadStringW

gdi32

SetMapMode
SetDIBits
CreateICW
GetMapMode
Rectangle
SetTextColor
CreateDCW
CreatePen
DPtoLP
StretchBlt
MoveToEx
LineTo
CreateCompatibleDC

advapi32

RegCreateKeyExW
LookupPrivilegeValueW

Sections

.iogi
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ehnmq
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.njwpp
Size: 4KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE