a821156ce48ec488f3752f18883f05d5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a821156ce48ec488f3752f18883f05d5_JaffaCakes118
Size

761KB
MD5

a821156ce48ec488f3752f18883f05d5
SHA1

3d8657377db06c3bda5f460272288fb5efbb9bcd
SHA256

2d04bce23c540574033342c9ad84490392410841c0b8d07ad199eaaadd0b26e9
SHA512

6cf90f74a89c8bf278db5c062f4c75fa240c54bf943c8cbdea34d9aa6c9a07adce4a9dd412536306def7d7e8a6f2ad8728e2a5df68e13ad46c7530a84e89bc32
SSDEEP

12288:QRM5DTBFxQWSA/oE2zrDMgeiLbwGd1u/FZByuUK9KI81nzajWV/mtmIGuZzy9Xx:QRM5DFbSeoE2zrHhL0O4tZfUK8t1nQuN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a821156ce48ec488f3752f18883f05d5_JaffaCakes118

Files

a821156ce48ec488f3752f18883f05d5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

55a78bfefef72cac20011818e662b426

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
lstrlenW
CreateEventW
GlobalFlags
LocalFree
GetEnvironmentVariableW
TlsGetValue
ReleaseMutex
HeapCreate
GetCurrentThreadId
FindAtomA
GetFileTime
ReleaseMutex
GetDriveTypeA
GetPrivateProfileStringA
WriteFile
GetCurrentProcessId
LoadLibraryW
IsBadStringPtrW
InitializeCriticalSection

user32

CallWindowProcW
GetKeyboardType
CreateWindowExA
DrawStateW
DispatchMessageA
EndDialog
GetSysColor
DrawTextA
GetClassInfoA
GetClientRect
SetFocus
IsWindow
GetSysColor

rastapi

DeviceDone
DeviceDone
DeviceDone
DeviceDone
DeviceDone

cryptui

LocalEnroll

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 751KB - Virtual size: 751KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ