8844a896eb9fc70693ef3cce14d78e28_JaffaCakes118 | Triage

Sharing

General

Target

8844a896eb9fc70693ef3cce14d78e28_JaffaCakes118
Size

157KB
MD5

8844a896eb9fc70693ef3cce14d78e28
SHA1

3b8ffc86e14473361223ac0068d5863cc4129a5e
SHA256

fb107d9fd99c66a262b88dd3561b00daf532e372098f6ff68f9aaf1d6f2ea959
SHA512

90240250c93c7d5f884c9ac2d31a4af8e1497de9052389228438870d783e90f17eef80b17db0408f978887a5f0b5d4e73f053a3b4029d9cb5f0b95a52360e3f0
SSDEEP

3072:ZBAPJCV45Iiyq5J/Kq2r7mJVoidoKxPUgLtxjLa9qDomsZb:rQCYIp+/a3mJVt6KxMaLakzsZb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8844a896eb9fc70693ef3cce14d78e28_JaffaCakes118

Files

8844a896eb9fc70693ef3cce14d78e28_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4eba27506502c56b11459454476a36be

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
GetStdHandle
HeapReAlloc
WaitForMultipleObjects
GetModuleHandleA
GetSystemDefaultLangID
WaitForSingleObject
CompareFileTime
InterlockedExchange
HeapCreate
GetConsoleCP
VirtualProtect
SuspendThread
GlobalUnlock
AddAtomA
lstrlenA
OpenMutexA
GetCommandLineA
GetTickCount
GetVersion
GetProfileIntA

user32

GetKeyState
SetScrollInfo
InsertMenuA
CreateIcon
DispatchMessageA
GetKeyboardLayout
DrawCaption
CreateMenu
CreateCursor
DialogBoxParamA
DragObject
GetCursorInfo
SetPropA
SetWindowPos
MessageBoxA
IsDialogMessage
EnableScrollBar
GetDlgItem
DispatchMessageA
DestroyMenu
FindWindowA
CopyImage
InvertRect

advapi32

RegCreateKeyExA
RegEnumKeyA
RegEnumValueA
RegQueryInfoKeyA
RegCloseKey

uxtheme

GetThemeColor

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 532KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ