a94b519c2ec2e2fe8d4460d7cd34fdfb_JaffaCakes118 | Triage

Sharing

General

Target

a94b519c2ec2e2fe8d4460d7cd34fdfb_JaffaCakes118
Size

18KB
MD5

a94b519c2ec2e2fe8d4460d7cd34fdfb
SHA1

415d9ca36be137bb0ff76cf840703f60d6179fff
SHA256

386f776c87893d6bbfeff70b90be557a2d2f276b4f5b725285fe47f5b5b86b58
SHA512

7a8aaf0a7d060774eb21edaf0cca1f45028ba4d6ab96f5ba88d6c048fd61b4753fa6e73c510edf4c41a7710ba15bb4ceefae491ba9b11bedc619bbb7764f7312
SSDEEP

384:whSKEiEt/h3Tfmv90u48JqwfFA4Z90RXb40J:whSZhjfmXJqgSXRL42

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a94b519c2ec2e2fe8d4460d7cd34fdfb_JaffaCakes118

Files

a94b519c2ec2e2fe8d4460d7cd34fdfb_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5c0edd5e96ea5eac7b6ff89c611011a2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrToIntA

kernel32

GetACP
lstrcatA
GetLastError
IsDBCSLeadByte
GetUserDefaultLCID
FileTimeToLocalFileTime
SystemTimeToFileTime
LocalAlloc
LocalFree
lstrlenA
ExitProcess
FormatMessageA
ReadFile
IsDebuggerPresent
VirtualAlloc
GetModuleHandleA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetVersion
lstrcmpW
IsValidCodePage
GetOEMCP
lstrcmpA
GetSystemTimeAsFileTime
lstrcpynA
SetUnhandledExceptionFilter
FileTimeToSystemTime
CreateFileA

user32

MessageBoxA
SetWindowPos
CreateWindowExA
wsprintfA

advapi32

RegOpenKeyExA
RegDeleteKeyA
RegCloseKey
RegQueryValueExA
RegQueryInfoKeyA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegEnumKeyExA

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ