821f395a73d4e9d3e44ef79b087ead13_JaffaCakes118 | Triage

Sharing

General

Target

821f395a73d4e9d3e44ef79b087ead13_JaffaCakes118
Size

203KB
MD5

821f395a73d4e9d3e44ef79b087ead13
SHA1

3de72c4acfdfe299dd10334ce529648846b7b8c8
SHA256

69a64a540fcc8b8843630bb32d6d6a7f97c879e277fa07c913b90c0d380e3146
SHA512

ad17518c5f99b5391d25d0c3c4fb6ae3035042bb1a4c08419391599e075081aab3789603227c905d0bb4bfbad644c621428fe3c08cc4931c5afcac5123a95c02
SSDEEP

6144:gN2g6Kb9vsc/sla0PKie63nrrqI3k6OXPPKk:g0Q9vOa0PKt4iI3k6EPT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
821f395a73d4e9d3e44ef79b087ead13_JaffaCakes118

Files

821f395a73d4e9d3e44ef79b087ead13_JaffaCakes118
.exe windows:4 windows x86 arch:x86

12e71f25f8191f8bcba92f68d1673dab

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

setupapi

SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

kernel32

GetACP
HeapAlloc
CreateFiber
VirtualFree
GetProcAddress
GetSystemInfo
GetCommandLineA
ExitProcess
ResumeThread
HeapDestroy
InterlockedCompareExchange
EnumResourceNamesA
TerminateProcess
RtlUnwind
SetUnhandledExceptionFilter
VirtualProtect
LoadLibraryA
SetThreadPriority
HeapReAlloc
VirtualQuery
HeapSize
GetLocaleInfoA
VirtualAlloc
IsProcessorFeaturePresent
UnhandledExceptionFilter
WriteFile

user32

IntersectRect
SetFocus
UnionRect
InvalidateRect
PtInRect
IsChild
GetClientRect
RegisterClassExA
EndPaint
UnregisterClassA
GetKeyState
GetFocus
BeginPaint
GetParent
RealGetWindowClassA
CallWindowProcA
IsWindow
CreateWindowExA

Sections

.text
Size: 177KB - Virtual size: 177KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ