af73e1b0b65e1b104098725e42e78eb2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

af73e1b0b65e1b104098725e42e78eb2_JaffaCakes118
Size

73KB
MD5

af73e1b0b65e1b104098725e42e78eb2
SHA1

ab232acc9bdc2816094ffffa1ef11821bdb7a21a
SHA256

16beb692a94d297f36ef8d6453c24807655e73f9deaca3477f5d6294a40ad70a
SHA512

6eee16b87b0729af4ce8fc7ae34275c5772924e31820d686356aac8b156a9f312994a443038084e2d526cf12bc532a9a7e06ba50826cc2bdf95098ac7411a669
SSDEEP

1536:1b7tB0GBnDL+ISZUYVaLEqzfY1INYU1wZL6uBzLfA:1b7tbDL/OLmEmuIpwVzH4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
af73e1b0b65e1b104098725e42e78eb2_JaffaCakes118

Files

af73e1b0b65e1b104098725e42e78eb2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b0f7a03b81e0736e27b6e04e932cf6ad

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForMultipleObjects
GetTickCount
GetModuleHandleA
GetStdHandle
HeapReAlloc
VirtualProtect
GetCommandLineA
HeapCreate
lstrlenA
CloseHandle
SuspendThread
GetConsoleCP
CompareFileTime
GetVersion
InterlockedExchange
LoadLibraryExA
WaitForSingleObject
GetSystemDefaultLangID
GlobalUnlock
SetConsoleCP
GetAtomNameA

user32

DispatchMessageA
InsertMenuA
DialogBoxParamA
FindWindowA
InvertRect
DestroyMenu
DragObject
CreateMenu
SetPropA
DrawCaption
IsDialogMessage
GetDlgItem
CopyImage
FillRect
EnableScrollBar
GetCursorInfo
SetWindowPos
GetKeyboardLayout
CreateIcon
GetKeyState
SetScrollInfo

advapi32

RegCloseKey
RegQueryInfoKeyA
RegCreateKeyExA
RegEnumValueA
RegEnumKeyA

apphelp

ApphelpCheckExe

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 776KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ