a272c80200e2ddd64f1ccf155d1d7d18_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a272c80200e2ddd64f1ccf155d1d7d18_JaffaCakes118
Size

636KB
MD5

a272c80200e2ddd64f1ccf155d1d7d18
SHA1

920b2743e179ce32de4bae0dd5d25c29585fdb89
SHA256

483cf62d4d669a7aaa8e7ff0de0b4323bb2c6660599d024e3a3f7e4e4b065d20
SHA512

1a4f56d334d7386980cdca32b5b5b6a87d28c2443fd4d95b0ebf3658c1c4d05fa740609f0cd69a75e1dd5856050a777ce6429eb81ce9496f5411e580f4a07c22
SSDEEP

12288:vwQBI2ox0auZK248B7xIGJ3bGNacM+oz8JGuS4wLSlFd:vwAh60aiIM7x5xbMLom44wmF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a272c80200e2ddd64f1ccf155d1d7d18_JaffaCakes118

Files

a272c80200e2ddd64f1ccf155d1d7d18_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a211db7d3c067af10c6e2e375a6be6ca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
GetModuleHandleA
SuspendThread
GetSystemDefaultLangID
InterlockedExchange
GetCommandLineA
lstrlenA
HeapReAlloc
GlobalUnlock
GetVersion
HeapCreate
GetConsoleCP
GetTickCount
WaitForMultipleObjects
SearchPathA
CloseHandle
SetConsoleCP
GetAtomNameA
CompareFileTime
WaitForSingleObject
VirtualProtect

user32

GetKeyState
IsDialogMessage
MessageBoxA
SetPropA
CreateCursor
DispatchMessageA
CreateMenu
DispatchMessageA
SetScrollInfo
EnableScrollBar
CopyImage
SetWindowPos
CreateIcon
DrawCaption
GetKeyboardLayout
InvertRect
InsertMenuA
DragObject
FindWindowA
DialogBoxParamA
GetDlgItem
DestroyMenu
GetCursorInfo

advapi32

RegEnumKeyA
RegEnumValueA
RegCloseKey
RegCreateKeyExA
RegQueryInfoKeyA

uxtheme

GetThemeColor

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 600KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ