b53ab78118c8b0ed6290ba7a04d0d4f7_JaffaCakes118 | Triage

Sharing

General

Target

b53ab78118c8b0ed6290ba7a04d0d4f7_JaffaCakes118
Size

375KB
MD5

b53ab78118c8b0ed6290ba7a04d0d4f7
SHA1

4753998d2e3dadce760bf4ae48bd23991baf8ace
SHA256

eabbd6949ecb28caedd2c7d11a19c93a6190c97fefdb47aba242930aaa33819c
SHA512

2614cbc65f41ef6a49879cef79bab4cd50c337d05ee043c0abbd899846f9b477575bdb6e2840a4e6a7247392f769c275fb3360eecdae66d1bfb0197aa9c719e1
SSDEEP

6144:aaxTh86sfb2BVpk9kcDj3glx6OIpOR5xI0mqtjDIyyco6L:aWTBsMWOcwlQg5xMwjDItIL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b53ab78118c8b0ed6290ba7a04d0d4f7_JaffaCakes118

Files

b53ab78118c8b0ed6290ba7a04d0d4f7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

da77b0e1a1035770f510e6e833865199

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

PulseEvent
LoadLibraryW
LocalFree
HeapCreate
GetCurrentDirectoryA
lstrcpyA
FindClose
Sleep
CreateThread
lstrlenA
GetCurrentThreadId
GlobalUnlock
GetCommandLineA
CreateFileW
GetSystemTime
CloseHandle
GetModuleHandleA
ResetEvent
UnmapViewOfFile
GetComputerNameA

user32

CreateIcon
GetCaretPos
DrawEdge
SetFocus
GetDlgItem
DrawMenuBar
IsWindow
DispatchMessageA
FillRect
CreateWindowExA
CheckRadioButton
GetDC
CallWindowProcA

cryptui

CryptUIDlgCertMgr
CryptUIDlgSelectStoreA
LocalEnroll
CryptUIDlgSelectCA
WizardFree

appwiz.cpl

ConfigStartMenu

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 299KB - Virtual size: 300KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ