82855529be656e2a64b0d431c9c23d1d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

82855529be656e2a64b0d431c9c23d1d_JaffaCakes118
Size

93KB
MD5

82855529be656e2a64b0d431c9c23d1d
SHA1

48197b5df8d17fb2129286b45ffd70800e735aa9
SHA256

ab332e58c5d4e991e4eeaa2f88b52653e56d408878ff7957fd0c45756c4ba60d
SHA512

749caa860fefe6de58cf05c6cde85b65a0d6d6d0192e4d051e1590b2c514f2fea46839c8ae79c2bbd8136e1c1bc32b6e6e7c162bd6fcfa465c606674f8908cb7
SSDEEP

1536:8dqCAF6F/cztbkv4cxX5b4Y4/HHaK6rYH/qQ8wnK6auOvM4gGiX5d5:8d+6UzCQcncY4vqw/qbwnoNiX5d5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
82855529be656e2a64b0d431c9c23d1d_JaffaCakes118

Files

82855529be656e2a64b0d431c9c23d1d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7fe514e985cecd62c62bb25709b8888c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
CompareFileTime
CloseHandle
WaitForSingleObject
GetConsoleCP
GetSystemDefaultLangID
VirtualProtect
InterlockedExchange
GetCommandLineA
GetTickCount
HeapReAlloc
GetVersion
SuspendThread
WaitForMultipleObjects
LoadLibraryExA
lstrlenA
GetAtomNameA
SetConsoleCP
HeapCreate
GetModuleHandleA
GlobalUnlock

user32

GetDlgItem
GetCursorInfo
InsertMenuA
FillRect
DestroyMenu
DrawCaption
EnableScrollBar
DispatchMessageA
SetPropA
IsDialogMessage
CopyImage
CreateMenu
DragObject
SetWindowPos
DialogBoxParamA
InvertRect
GetKeyState
CreateIcon
FindWindowA
SetScrollInfo
GetKeyboardLayout

advapi32

RegEnumKeyA
RegCloseKey
RegQueryInfoKeyA
RegEnumValueA
RegCreateKeyExA

apphelp

ApphelpCheckExe

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 804KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ