573ced1d1a1ab22146d0028fd7db05e2_JaffaCakes118 | Triage

Sharing

General

Target

573ced1d1a1ab22146d0028fd7db05e2_JaffaCakes118
Size

93KB
MD5

573ced1d1a1ab22146d0028fd7db05e2
SHA1

1149c24846164f8c58ade75395641338586b98f1
SHA256

d4f9f42fd19f832e4a3bcf25d06f05bb42dbfbd88b5edb5b3e3082595b99a949
SHA512

292f8e8c19ee80f4e16876f07bab5c4791c12fc22a2c863cb57cdccd581163db1ce042e7b184c82542caeb184cf086d6160155cc6ff2fcae26ce4f3dbbde5d92
SSDEEP

1536:i2H/u3+NheuAtSH54VoUCrvby7rA1Y00zUs3eOJjvxTGl52BiKtriJfwhMb74glb:NH/u3+NhN2VIvbyAr0zUs3e+vIARN8wW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
573ced1d1a1ab22146d0028fd7db05e2_JaffaCakes118

Files

573ced1d1a1ab22146d0028fd7db05e2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0a3f2313665ca1ac41ee1a8978e99e16

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EndPaint
GetWindowLongA
DestroyMenu
CreatePopupMenu
LoadIconA
LoadCursorA
RegisterClassExA
BeginPaint
EnableMenuItem
CheckMenuRadioItem
CreateWindowExA
ShowWindow
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA
SetWindowTextA

gdi32

CreateHatchBrush
DeleteObject
GetStockObject
MoveToEx
GetBkColor
CreateSolidBrush

ole32

CreateItemMoniker
StringFromCLSID
GetConvertStg
OleIsCurrentClipboard
OleRegGetMiscStatus
ProgIDFromCLSID
CreateObjrefMoniker
CoInitialize

oleaut32

CreateErrorInfo

kernel32

GlobalFree
EnterCriticalSection
InitializeCriticalSection
GetStartupInfoA
GetModuleHandleA
GetVersionExA
GetCommandLineA
HeapAlloc
HeapCreate
GlobalAlloc
FreeLibrary
DeleteCriticalSection
LeaveCriticalSection
GetACP
GetLastError
LoadLibraryA

Sections

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE