959c88f65f6f4158278ca946f0e8c6ef_JaffaCakes118 | Triage

Sharing

General

Target

959c88f65f6f4158278ca946f0e8c6ef_JaffaCakes118
Size

133KB
MD5

959c88f65f6f4158278ca946f0e8c6ef
SHA1

830065016e418f77dcf97ff2f8c5e896aa65440d
SHA256

a027f844fd364a875ac4a708c4a6c1552e71985c8caf52a8a3610fdbdbe8da14
SHA512

a54f98e2848f4efb4134fc6dd38c3d13a3a818145656dfc1c35d36807d923e116c6148dd01ce4ffb2b337a543c8e6760508346b45856d47135230744dd59de9d
SSDEEP

3072:g6Zes6nbdnOJo3epFIac6Oo7C/JCADhqH2/9Fz:gZhnlyFm5o6l/7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
959c88f65f6f4158278ca946f0e8c6ef_JaffaCakes118

Files

959c88f65f6f4158278ca946f0e8c6ef_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5c8a8f3947bff74863d2ea460f881958

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
IsDebuggerPresent
LoadLibraryA
MapViewOfFile
UnhandledExceptionFilter
VirtualAlloc
VirtualFree

user32

DrawTextA
GetWindowLongA
GetWindowTextA
InvalidateRect
LoadCursorA
PeekMessageA
ReleaseDC
ScreenToClient
SetWindowTextA

gdi32

CreateBrushIndirect
CreateRectRgn
ExtTextOutA
GetDCOrgEx
GetEnhMetaFileHeader
LineTo
SetDIBColorTable
SetEnhMetaFileBits
SetROP2

shell32

DoEnvironmentSubstW
DragQueryFile
DragQueryFileW
ExtractIconExA
ExtractIconExW
SHGetFileInfoA
SHGetFolderPathW
SHGetPathFromIDListA
SHGetSpecialFolderPathA
SHGetSpecialFolderPathW
ShellExecuteA
ShellExecuteExA
ShellExecuteW
Shell_NotifyIconW

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ