Static task: static1
Behavioral task: behavioral1
Sample: 869cfcafb60bca0f132d106d44051591_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 869cfcafb60bca0f132d106d44051591_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 869cfcafb60bca0f132d106d44051591_JaffaCakes118
Size: 26KB
MD5: 869cfcafb60bca0f132d106d44051591
SHA1: ea0b91c0d7c4f7406b75e32b32ff3ddba0e4d780
SHA256: 90e69f5b40be0b73746119955110a526fff8e48190e587ed01da6a4b22954c3b
SHA512: 70c90dd29f7d17edea1b91ecdc54024eff092be0b8f537dacc7c63f7e2f7f199e891f5d8406bf9274e1d83c405ba9751277f36428ba0442b4fa7dff0e3113b38
SSDEEP: 384:NBamWVbKJV1/dlQX8cLE6nlbAuS1iDR6/HKC:3amEbKx/dlQG6nl21eeKC
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 869cfcafb60bca0f132d106d44051591_JaffaCakes118
Files
869cfcafb60bca0f132d106d44051591_JaffaCakes118.exe windows:4 windows x86 arch:x86
e05506fe2472e19761ad1ffb6222076f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateMutexA
GetLastError
GetModuleHandleA
LoadLibraryA
GetProcAddress
Sleep
FreeLibrary
ExitProcess
RtlZeroMemory
RtlMoveMemory
CreateFileA
WriteFile
CloseHandle
TerminateThread
TerminateProcess
GetSystemDirectoryA
GlobalAlloc
GlobalLock
GlobalHandle
GlobalUnlock
GlobalFree
FlushFileBuffers
user32
DialogBoxParamA
LoadIconA
SendMessageA
SetDlgItemTextA
EndDialog
GetClassNameA
GetWindowThreadProcessId
ShowWindowAsync
comctl32
InitCommonControls
Sections
.text Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 288B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ