Static task: static1
Behavioral task: behavioral1
Sample: ac2a0824f591f3d0e0bd8c69975a76c3_JaffaCakes118.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: ac2a0824f591f3d0e0bd8c69975a76c3_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: ac2a0824f591f3d0e0bd8c69975a76c3_JaffaCakes118
Size: 118KB
MD5: ac2a0824f591f3d0e0bd8c69975a76c3
SHA1: 99a583be1b3700e8c11fc23d398c463b09ccaee4
SHA256: ebcf8136a764c811b3c068bdaf1330c4136c3b347d7914bf0f3da30a304ac2b8
SHA512: e7ed7e908a9f5142360da46c6162984a9635c852ac5888f9a1d93f946613c2b5a6b27bbe52bde44965dfc16e79c824851b1190f5519c9f181fb5090026e16e99
SSDEEP: 1536:cHlPPPNkooooaJJcMH58wTq5fLYhv2ffHwEUzvy82i1QJaC4CS:zooooaJJD58wTefLY+fP+6PDaC4x
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ac2a0824f591f3d0e0bd8c69975a76c3_JaffaCakes118
Files
ac2a0824f591f3d0e0bd8c69975a76c3_JaffaCakes118.exe windows:5 windows x86 arch:x86
152978bdab15b1321b010f626c954499
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
msimg32
GradientFill
comctl32
CreateStatusWindowW
winhttp
WinHttpOpen
kernel32
GetFirmwareEnvironmentVariableW
GetProcessVersion
ResetEvent
GetPrivateProfileSectionNamesW
ExitProcess
FindResourceW
user32
GetWindowTextLengthW
AnimateWindow
CharPrevW
CreateCaret
gdi32
EndPath
CreateEllipticRgn
BitBlt
advapi32
RegQueryInfoKeyW
shell32
DragQueryPoint
Sections
.text Size: 512B - Virtual size: 288B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 848B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 115KB - Virtual size: 114KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ