8780f29e8c930a0f97656727eda9ac4d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8780f29e8c930a0f97656727eda9ac4d_JaffaCakes118
Size

339KB
MD5

8780f29e8c930a0f97656727eda9ac4d
SHA1

5e7a727d83e2942e49748c68bd087e39d3d3bd65
SHA256

c4ada3f36354650aac9f3bf7edea82038d1f00f53b100c71f906f3ba1eff71cb
SHA512

4d4ba799dfc187ab754b0162c03e87da5143e5b3ed6f6bb8ec411d0e39fc409b9ad623ba24b968c37a97a37a03353712f40f39b8c259c46c047828048a2a5a6d
SSDEEP

6144:53dOvUv225jrfdwcUSxitwGpLtO4z3ZlIgz/j/sGqfGLecwT6f/j:54v022BfqKgwG733ZlIgbRccz/j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8780f29e8c930a0f97656727eda9ac4d_JaffaCakes118

Files

8780f29e8c930a0f97656727eda9ac4d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

71ed1bdf5898d194f9ad8d94b6044f88

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
CreateEventA
FreeConsole
LoadLibraryExW
GetStdHandle
CreateMutexA
GlobalLock
GetCPInfo
FindClose
CancelIo
GetSystemTime
GetModuleHandleA
VirtualProtectEx
LocalFree
lstrlenA
IsBadReadPtr
GetACP
GetConsoleTitleW
CloseHandle
GlobalUnlock

user32

GetParent
GetMessageA
GetSubMenu
CreateWindowExA
DialogBoxParamA
IsIconic
IsMenu
GetDlgItemTextA
LoadCursorA
ClipCursor
EndDialog
GetMessageA
GetKeyState
MessageBoxA

clbcatq

CheckMemoryGates
ComPlusMigrate
GetCatalogObject
GetComputerObject
SetupSave

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ