649f9406c4da548ece6fdbb4bb0d41db_JaffaCakes118 | Triage

Sharing

General

Target

649f9406c4da548ece6fdbb4bb0d41db_JaffaCakes118
Size

92KB
MD5

649f9406c4da548ece6fdbb4bb0d41db
SHA1

9563861fcecc7b99361e1cd453866aca59cd18b6
SHA256

1b48aea1444da777da5c1cd245484630f22e05d16f62ba64d356f9bb7bce6e4c
SHA512

ccb9085a5549b2270d1d29e5c527c8e6b61444668d276bc59a8c07d049eb605edd74492a2d4960227cb3dfc98e718ff9ecc8f7300c16bb4fd0a1116376dddc82
SSDEEP

1536:A/uKpqhYGaxEJO5iS020P2Gnbl0kIuXGSxYTGJEmQB7bu0EcJnwqy2cc:HMxGS0202klpIuTOX9N9EV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
649f9406c4da548ece6fdbb4bb0d41db_JaffaCakes118

Files

649f9406c4da548ece6fdbb4bb0d41db_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c4b7c0a0df5ba535c52fa5cf1c53932f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EndPaint
CheckMenuRadioItem
EnableMenuItem
DestroyMenu
LoadIconA
LoadCursorA
RegisterClassExA
SetWindowTextA
CreatePopupMenu
GetWindowLongA
BeginPaint
CreateWindowExA
ShowWindow
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA

gdi32

MoveToEx
CreateSolidBrush
DeleteObject
GetBkColor
GetStockObject
CreateHatchBrush

ole32

CreateObjrefMoniker
CreateItemMoniker
StringFromCLSID
GetConvertStg
OleIsCurrentClipboard
ProgIDFromCLSID
OleRegGetMiscStatus
CoInitialize

oleaut32

CreateErrorInfo

kernel32

DeleteCriticalSection
GetCommandLineA
LoadLibraryA
GetModuleHandleA
LeaveCriticalSection
GetACP
GetLastError
HeapAlloc
HeapCreate
GlobalFree
GetStartupInfoA
EnterCriticalSection
InitializeCriticalSection
GlobalAlloc
GetVersionExA
FreeLibrary

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE