aa6fa3659aec20cfa88ef7e99486366b_JaffaCakes118 | Triage

Sharing

General

Target

aa6fa3659aec20cfa88ef7e99486366b_JaffaCakes118
Size

342KB
MD5

aa6fa3659aec20cfa88ef7e99486366b
SHA1

2fd83a1d07c5f45989894094401cf615a0a416d3
SHA256

a1626586fa2e2e0a3c9e41ee07c3b8fb2e6dbaf678fe74636ba716791aa7abe4
SHA512

7b046a2149205a17dafde7fd3cea638c26c02a2430106bc81431f6241254df2fa93abffc18f1921d3871714151c9c4403cd92bcef564a89ea6bab4f2eada4858
SSDEEP

6144:36tXLcSj5PSXyggMfOLRTYO+9wTLfdvyhEwFUsjRLTt+/yrnSX:eFhgh2R8O+yFqpLh+5X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa6fa3659aec20cfa88ef7e99486366b_JaffaCakes118

Files

aa6fa3659aec20cfa88ef7e99486366b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d65ab4d64efdba2b8db47334de7854ad

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFree
CloseHandle
lstrlenA
CreateWaitableTimerA
GlobalLock
LoadLibraryExA
GetACP
IsBadReadPtr
GetConsoleCP
GetModuleHandleA
GlobalUnlock
GetStdHandle
GetLastError
CreateEventA
CreateFileMappingA
FindClose
HeapCreate
FreeEnvironmentStringsA
CreateFileA
IsDebuggerPresent

user32

CheckMenuItem
DispatchMessageA
GetDlgItem
EndDialog
IsMenu
GetParent
ClipCursor
SetFocus
GetDlgItemTextA
DialogBoxParamA
RedrawWindow
GetSubMenu
GetMessageA
DrawIconEx

apphelp

ApphelpCheckIME
SdbFindFirstTag
ApphelpCheckRunApp
ApphelpShowDialog
SdbCloseDatabase

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ