889c740159eba7a917dbb2a9d41f152b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

889c740159eba7a917dbb2a9d41f152b_JaffaCakes118
Size

193KB
MD5

889c740159eba7a917dbb2a9d41f152b
SHA1

a9e0997b22e8ad2d8b8533cfd7fb218f3368b1d1
SHA256

c3753cabdcdff56984f4be3d05313e29016050f08a912ea079c0ee7ca8cf1929
SHA512

00f1bde530f6fbe3b3451c3269318a45f71c779e54c7d9ce52bddfb4713205e857c689cb2a2e142605d2346ea6f65fe8f6735c3689e34471cd238a34b87bdc47
SSDEEP

3072:5qyAM1UvLLA3D+DMDexPqUvDYuz3Pz/AY2CxtTQ+hkxE5I2z51L/mu:5JFuDcz+YjUDYE3P8FCxZQhEe2z5B/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
889c740159eba7a917dbb2a9d41f152b_JaffaCakes118

Files

889c740159eba7a917dbb2a9d41f152b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

68b5cfe9456c4e7f05f1e7764dab7dc0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
GetProfileIntA
InterlockedExchange
lstrlenA
SuspendThread
GetModuleHandleA
WaitForMultipleObjects
GetSystemDefaultLangID
AddAtomA
GetCommandLineA
HeapCreate
GetConsoleCP
GetVersion
VirtualProtect
HeapReAlloc
CloseHandle
GetStdHandle
WaitForSingleObject
LoadLibraryExW
GlobalUnlock
GetTickCount

user32

InsertMenuA
CopyImage
IsDialogMessage
SetWindowPos
CreateCursor
SetPropA
DestroyMenu
GetDlgItem
CreateCaret
GetKeyState
GetKeyboardLayout
GetCursorInfo
DispatchMessageA
FindWindowA
SetScrollInfo
InvertRect
DrawCaption
CreateIcon
DialogBoxParamA
CopyRect
EnableScrollBar
MessageBoxA
CreateMenu
DragObject

advapi32

RegCreateKeyExA
RegCloseKey
RegEnumValueA
RegQueryInfoKeyA
RegEnumKeyA

apphelp

GetPermLayers

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 540KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ