b00ffc11be0470146eab5379be384957_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b00ffc11be0470146eab5379be384957_JaffaCakes118
Size

200KB
MD5

b00ffc11be0470146eab5379be384957
SHA1

172ade79aabb2820f026bde28d15fcb5c2118c6d
SHA256

4b4c11305b07445a2d3f8019858e1094696d8db980154d1f8af15c68e8cbdcc9
SHA512

9da9d30187c4750524857f3ae029870454d84978bea21ea1844ac5bfda39221dabd7a10bd6b0e8c6ab3e74a7cb887b3276a54bee9721ceceda609151ab65dbc4
SSDEEP

6144:w6Ti5wLmz31Z6fg0xXfsS1Iy5Vg9hDBeDZWvYaOPY:R5e8JNEmg9hdeDVasY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b00ffc11be0470146eab5379be384957_JaffaCakes118

Files

b00ffc11be0470146eab5379be384957_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e7b9a687edbbe9c0dbea3dc53d3a039a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnlock
GetProfileIntA
GetVersion
CompareFileTime
HeapCreate
SuspendThread
VirtualProtect
GetTickCount
HeapReAlloc
GetConsoleCP
AddAtomA
lstrlenA
GetSystemDefaultLangID
CloseHandle
GetModuleHandleA
InterlockedExchange
GetStdHandle
WaitForMultipleObjects
OpenMutexA
GetCommandLineA
WaitForSingleObject

user32

SetScrollInfo
InvertRect
CreateIcon
DispatchMessageA
MessageBoxA
DestroyMenu
GetCursorInfo
DragObject
SetWindowPos
CreateCursor
InsertMenuA
IsDialogMessage
CreateMenu
CopyImage
GetKeyboardLayout
GetKeyState
DispatchMessageA
FindWindowA
DialogBoxParamA
SetPropA
GetDlgItem
DrawCaption
EnableScrollBar

advapi32

RegEnumValueA
RegQueryInfoKeyA
RegEnumKeyA
RegCloseKey
RegCreateKeyExA

uxtheme

GetThemeColor

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 540KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ