a75c1fba9395b12f8360d58c6a9218f8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a75c1fba9395b12f8360d58c6a9218f8_JaffaCakes118
Size

92KB
MD5

a75c1fba9395b12f8360d58c6a9218f8
SHA1

00e3a18d8f58fa375f6a641eabe04ea8912ae170
SHA256

cb99d370046d66ef02ebde40249eb33ecc2d0825164d8dcf16d9c3328fb7a12b
SHA512

dfa1d3977f1acda4123cb3826bd35a743577fb32d8bb97bf819b2630c93118c591ffafa6caabc7b19b91cf456a79dd275f8d094816fcbfa566d3b2d548fc5b88
SSDEEP

1536:voOHoE8RPILl/kKjCg1rRJoD+8XCANCGR5K8zL5tU8cwK605n:QvDKNlq+YCAIGTnuwhun

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a75c1fba9395b12f8360d58c6a9218f8_JaffaCakes118

Files

a75c1fba9395b12f8360d58c6a9218f8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d592e77049201cee4dba76c8165cfa52

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

BeginPaint
GetCursorPos
DeleteMenu
DispatchMessageA
EndPaint
GetWindowLongA
GetInputState
PeekMessageA
LoadIconA
LoadCursorA
RegisterClassExA
CreateMenu
CheckMenuItem
DestroyMenu
SetWindowTextA
GetMenuItemCount
GetCursor
CreateWindowExA
ShowWindow
UpdateWindow
GetMessageA
TranslateMessage

gdi32

GetStockObject
CreateSolidBrush
DeleteObject

shlwapi

PathIsFileSpecA

ole32

StringFromCLSID
OleSave
StgOpenPropStg
CoTestCancel
CoGetMalloc
CoGetCallerTID
ReadClassStm
CoFileTimeNow
CoInitialize

comctl32

ord17

kernel32

GlobalAlloc
GlobalFree
FreeLibrary
GetLastError
GetSystemTime
GetLocalTime
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetCPInfo
GetEnvironmentStrings
HeapAlloc
HeapCreate
GetSystemInfo
LoadLibraryA
DeleteCriticalSection
GetModuleHandleA

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE