ad0df3fbf63104082822098bfc5af25b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ad0df3fbf63104082822098bfc5af25b_JaffaCakes118
Size

339KB
MD5

ad0df3fbf63104082822098bfc5af25b
SHA1

6bc5070adebf0a6a9b4c50e52adfe25e5055bf6f
SHA256

0e8624f9306509aa30f11d7639c31c8cb87ac053e58a671c46bbabab1e170da7
SHA512

717817c1a22595959bb9457fe02578668a0d5d4388c8fe7f7242c70ed354622ad1a4fa1807aa4bd9d122553a27e5114fff6fa2088d4dee724d5b3a89b546f250
SSDEEP

6144:UpnEHQuHDapYDw3ncSjl8mR3s5iEAx5NgTvlVc5PJ1rctKH:FHFmpiwzWG3lEAjNgTrcVLrbH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad0df3fbf63104082822098bfc5af25b_JaffaCakes118

Files

ad0df3fbf63104082822098bfc5af25b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

424fc215c49bd3346f9fb4a76a9c19b6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DialogBoxParamA
GetDesktopWindow
SetWindowTextA
GetActiveWindow
EnumChildWindows
IsCharAlphaA
SetWindowTextW
SetDlgItemTextW

ole32

CoRevokeClassObject

comctl32

InitCommonControlsEx

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

kernel32

GetNumberOfConsoleMouseButtons
LoadResource
HeapFree
LocalAlloc
GetDateFormatA
SetFileAttributesA
GetStartupInfoA
FindResourceA
ExitProcess
HeapDestroy
GetProcAddress
FreeLibrary
LoadLibraryA
DeleteCriticalSection
InitializeCriticalSection
LocalFree
GetTickCount
HeapCreate
IsBadReadPtr

Sections

.text
Size: 329KB - Virtual size: 329KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ