b55a1226fd54dbae9c9cc46277d8d472_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b55a1226fd54dbae9c9cc46277d8d472_JaffaCakes118
Size

203KB
MD5

b55a1226fd54dbae9c9cc46277d8d472
SHA1

21eda07639d3906277df4645165fe7c881164039
SHA256

755c25da2d626d766ee615873749295c4927beb0e64f2eda55f1d5d98e8dc80b
SHA512

c32c503e1fdcf114768f71dc3df348f8d7f3c55deec9ba455ef3a0dc614b8a86a98ef97bc3f410dfd1bb1d2fd95b059c63118fe7cccfe9f10a26dfaee101a10b
SSDEEP

3072:Yhz3wlMl3494BBpj8bb0LJVKd1QzTFPpR3tbG+YmJWK6OcfYLBkraSG:WwlK494BIn0LiMX3tCJmU0Bp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b55a1226fd54dbae9c9cc46277d8d472_JaffaCakes118

Files

b55a1226fd54dbae9c9cc46277d8d472_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6b40f19033992eaaa6825848b98b8377

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleCP
GetModuleHandleA
GetSystemDefaultLangID
GetProfileIntA
HeapCreate
GetTickCount
CompareFileTime
AddAtomA
LoadLibraryExW
InterlockedExchange
CloseHandle
SuspendThread
GetVersion
GetStdHandle
GetCommandLineA
HeapReAlloc
WaitForMultipleObjects
GlobalUnlock
lstrlenA
WaitForSingleObject
VirtualProtect

user32

DispatchMessageA
InvertRect
SetPropA
GetKeyState
CreateCursor
SetScrollInfo
GetKeyboardLayout
MessageBoxA
CreateMenu
SetWindowPos
CopyImage
IsDialogMessage
CreateCaret
CreateIcon
EnableScrollBar
DialogBoxParamA
FindWindowA
GetDlgItem
DragObject
GetCursorInfo
DrawCaption
DestroyMenu
CopyRect
InsertMenuA

advapi32

RegCreateKeyExA
RegEnumValueA
RegCloseKey
RegQueryInfoKeyA
RegEnumKeyA

apphelp

GetPermLayers

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 548KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ