aa5a31c9923cd646c8ff5fb45c377ed5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aa5a31c9923cd646c8ff5fb45c377ed5_JaffaCakes118
Size

48KB
MD5

aa5a31c9923cd646c8ff5fb45c377ed5
SHA1

ab6ddf660556908065a8cdd9a5f1f8fdff83e869
SHA256

b981febe0f6136c1a9d0b72f7185b166c0fc0d5bb5942fdeea523095c513ed41
SHA512

9c7532153049feb50ff82bafe4768de2b6c0a0c6286178869fb23a895919a87538b34a3bcce423abdf2b7d3c12626cb2d765d62d5f2fc3b9d888d5deddd17b4f
SSDEEP

768:4CXOYHQJGGG7Vgf8nL2ZKxKb7XYKcqJ87UYwRbT5oB4PoW9rs4o7GqYj9iosa+:GYH5Gm3aTFfS7UPbT5oArRoadj9ioq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa5a31c9923cd646c8ff5fb45c377ed5_JaffaCakes118

Files

aa5a31c9923cd646c8ff5fb45c377ed5_JaffaCakes118
.exe windows:1 windows x86 arch:x86

9ba444afcd372151f80265f85eddf0c5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetShortPathNameW
GetTempPathA
GetVolumeInformationW
CopyFileExA
GetStartupInfoA
GetFileAttributesW
ExpandEnvironmentStringsW
AddAtomA
GetModuleHandleA
CompareStringA

user32

keybd_event
CharLowerW
GetDC
LoadMenuIndirectA
DialogBoxParamA
GetMenu
SetDlgItemInt

gdi32

GetStockObject
CreateEllipticRgn
CreatePalette
GetBkColor
DeleteObject
CreateFontIndirectA
CreatePatternBrush

advapi32

RegReplaceKeyW
RegOpenKeyW

comdlg32

PageSetupDlgA
PrintDlgExA

shell32

ExtractIconEx
StrCmpNW
StrStrIA
ExtractIconExA
Shell_NotifyIconW
ExtractAssociatedIconExW
StrCmpNIA

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ