a451c2aff26820e4ddc2891b8d6fe028_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a451c2aff26820e4ddc2891b8d6fe028_JaffaCakes118
Size

138KB
MD5

a451c2aff26820e4ddc2891b8d6fe028
SHA1

68e8bd61aa5d9a0061f2e262f4eb1f1f98fb1921
SHA256

90adaa7ea5e329513b1590815df8b784e9124b69bb9bed473f19587fa6d2fd13
SHA512

c763d5670a95d2da9be12f7efe6d82789441282a15f0f908d89887d5a47624ef6f510d32a6b3765dea103eb50e27cfbdc3009ac5082385f60b30d78a3b83f914
SSDEEP

3072:kQQqsi4Itn2PkvnAyFeMZE7+0jxjeDdyIHw7MhoBM:DQqYCn+kvnA+ZES0FjelQ7MK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a451c2aff26820e4ddc2891b8d6fe028_JaffaCakes118

Files

a451c2aff26820e4ddc2891b8d6fe028_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9ef44aee845e6d2b9a3aa161fed2d8fd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathAddBackslashW

user32

MessageBoxW
LoadImageA
LoadStringW
CharNextA
UnregisterClassA
GetSystemMetrics
LoadIconA
DestroyWindow
CharNextW

clusapi

CloseCluster

kernel32

Sleep
lstrlenA
SetLastError
EnterCriticalSection
GetVersionExA
TerminateProcess
FindResourceExA
InterlockedExchange
GetEnvironmentVariableA
SetFilePointer
GetLastError
GetCurrentThreadId
LeaveCriticalSection
GetCurrentProcessId
LockResource
EnumResourceNamesW
WideCharToMultiByte
GetModuleHandleA
QueryPerformanceCounter
RaiseException
GetSystemTimeAsFileTime
LoadResource
ExitProcess
lstrlenW
FindResourceA
lstrcmpiA
SizeofResource
CreateProcessA
MultiByteToWideChar
GetModuleFileNameA
LocalAlloc
GetTickCount
GetStartupInfoA
InterlockedCompareExchange
GetCurrentProcess

Sections

.text
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rscr
Size: 512B - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ