96ba5a6de888a3b7af54bc4400745db7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

96ba5a6de888a3b7af54bc4400745db7_JaffaCakes118
Size

384KB
MD5

96ba5a6de888a3b7af54bc4400745db7
SHA1

cfe56c277ffae8b3422f8709fdf35d3d2a0acd73
SHA256

94b779d88bcea166a248d0a688ff2f60c732b4406c694b838645c441a9c2dc76
SHA512

303299a9f6eff83c94d501296442228f4624854ce1f0c265a94ae9521ee82a1e8cb496cc8cddcbc88c57c758afb0b83b87207ce54bc81fd12d0b2df9ba72f2f1
SSDEEP

6144:3Ot62Rv55G5ke9MRs0On1SIFs7Bqwtj9kJ8c0IITjZ0N7/cYL9duz4hwOUu808Oy:yR5GdCs0O1BkBqwtjFc0fTjZOT59ozIM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
96ba5a6de888a3b7af54bc4400745db7_JaffaCakes118

Files

96ba5a6de888a3b7af54bc4400745db7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

292cc3bc8cae49922772a55ed4e159ed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
DisconnectNamedPipe
HeapCreate
GlobalLock
GetStdHandle
CloseHandle
GetConsoleCP
IsDebuggerPresent
FreeEnvironmentStringsA
CreateFileMappingA
LoadLibraryExA
GetModuleHandleA
CreateFileA
LocalUnlock
LocalFree
IsBadReadPtr
GetFullPathNameA
FindClose
CreateEventA
GetLastError

user32

DefWindowProcA
SetFocus
IsWindow
DispatchMessageA
EndDialog
CreateDialogParamA
GetIconInfo
ScrollWindow
GetDlgItem
GetDC
PostMessageA
GetMessageA
EmptyClipboard
DrawIconEx

uxtheme

CloseThemeData
EnableTheming
DrawThemeIcon
GetThemeMetric
GetThemeColor

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ