b181ad467efbfceab4993da3a1252173_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b181ad467efbfceab4993da3a1252173_JaffaCakes118
Size

157KB
MD5

b181ad467efbfceab4993da3a1252173
SHA1

6574b21a4096c49c0dee8b90e4743db7a996db26
SHA256

1c47b3dddee25489d083a32261f80dbb9ad56c73d0155e6723d086b6918e37aa
SHA512

c9932c3f56d7ecc0779e7aff37cb67fab107c714fde5f0171219479e04fa39c6e383f0cf6a71021475a5f0e1258d7e0ebd5819e5d182b314f6ea0d84900ce0d5
SSDEEP

3072:SZXGw3qNsLIUJ4WWJQlz9vSYVZ/EH+kBPDfH5THFQnA1SWYB3anfGmFCFt:eGw38NWWJKz9v/wHDRTynALy2fGmFa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b181ad467efbfceab4993da3a1252173_JaffaCakes118

Files

b181ad467efbfceab4993da3a1252173_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9107fa0ccb1a70d71de8ef64f9e49d98

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenWaitableTimerW
LocalAlloc
GetProcessTimes
lstrcat
OpenEventA
DeleteTimerQueueTimer
SetEndOfFile
LocalHandle
Module32First
GetSystemTimes
VirtualAllocEx
GetConsoleScreenBufferInfo
Thread32Next
GetLastError
TransmitCommChar
GetCurrencyFormatA
GlobalFix
SetTapePosition
ConnectNamedPipe
ReadConsoleInputA
LoadLibraryExA
GetExpandedNameA
WaitForSingleObjectEx

user32

GetIconInfo
ToUnicode
ScrollWindow
InvalidateRgn
ModifyMenuA
RegisterShellHookWindow
DefWindowProcA
GetMenuInfo
NotifyWinEvent
SetProcessWindowStation
GetWindowTextLengthW
IsChild
EnumWindowStationsA
UnregisterUserApiHook
DlgDirSelectComboBoxExA
PrivateExtractIconsA
CliImmSetHotKey
SwitchDesktop
ChangeDisplaySettingsExA

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ