a0e6c9b277116ce7cd76c94a649cc136_JaffaCakes118 | Triage

Sharing

General

Target

a0e6c9b277116ce7cd76c94a649cc136_JaffaCakes118
Size

803KB
MD5

a0e6c9b277116ce7cd76c94a649cc136
SHA1

9d8c0fe4be109588f8340d0dd04f8ff4294e9403
SHA256

79c43cf603ad220a03fa78e119a1f4bc8992ab1f1b4d5c77db9174e4e94759e8
SHA512

1a2d91cb79b4f90b47cc88fc466079af65e285c47f0fa76ce47d220d1ae38682d8f218ba9759520e802292dac33dea8680fa120d14aa8d1d8d1057699c5710bf
SSDEEP

24576:WFOz15bjcy7/a7KFiLrZ962EJgky92MKZTh:WoF3i7ZagkVMCV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a0e6c9b277116ce7cd76c94a649cc136_JaffaCakes118

Files

a0e6c9b277116ce7cd76c94a649cc136_JaffaCakes118
.exe windows:4 windows x86 arch:x86

09bf0d002fe9b3f732c38d5feaee3746

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnmapViewOfFile
CreateProcessA
GlobalUnlock
Sleep
GetModuleHandleA
lstrcpyA
FindClose
SetLastError
FindResourceW
LoadLibraryW
CreateFileW
GetCommandLineA
LocalFree
GetCurrentDirectoryA
GetCurrentThreadId
HeapCreate
PulseEvent
lstrlenA
CloseHandle
GetComputerNameA

user32

GetDC
CallWindowProcA
CreateIcon
GetCaretPos
SetFocus
IsWindow
FillRect
CreateWindowExA
DispatchMessageA
DrawMenuBar
GetDlgItem
CheckRadioButton
DrawEdge

cryptui

WizardFree
CryptUIDlgSelectStoreA
LocalEnroll
CryptUIDlgSelectCA
CryptUIDlgCertMgr

appwiz.cpl

ConfigStartMenu

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 793KB - Virtual size: 796KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE