b28afc867baa254790141f4e814591e1_JaffaCakes118 | Triage

Sharing

General

Target

b28afc867baa254790141f4e814591e1_JaffaCakes118
Size

97KB
MD5

b28afc867baa254790141f4e814591e1
SHA1

6962699017c1fd59b94f93c4bf162cc3dc872f71
SHA256

be999cfaac300b5627c2e933b17c93e11f717231107874be5c68b4f6125819b7
SHA512

1ba32663dd8e201f137c0239d970865dffbbbcb1e870bf1a9e7abcc7ae10b3b9795e046167d556f7950070468927a4bfafd1bb82bdce4cd82a6689beaeb9bb97
SSDEEP

1536:hNaVHlw6FUUqohrKgxZL2HpY3vBFYJD1NPCUQeyKNS58KqBJ7XwGxjcIXtw:qHFFUUDxZUpYfs1NKOyc3BJjwqtw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b28afc867baa254790141f4e814591e1_JaffaCakes118

Files

b28afc867baa254790141f4e814591e1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

60d0906a5f2750e58bd54aac0039ca75

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

KillTimer
SetTimer
CharUpperA
EnumWindows
GetWindowThreadProcessId
PostThreadMessageA
PeekMessageA
CharNextA
LoadStringA
IsWindowVisible
GetWindowTextA
MessageBoxA
DispatchMessageA
GetMessageA
wsprintfW
wsprintfA

kernel32

ClearCommError
ReleaseMutex
GetExitCodeProcess
QueryPerformanceCounter
FindFirstFileA
ReadProcessMemory
FindClose
SetLastError
ClearCommError
ExitProcess
ReadFile
GetStartupInfoA
EnumResourceNamesW
DuplicateHandle
FindResourceExA
GetModuleFileNameW
ExitProcess
UnmapViewOfFile
MapViewOfFile
CreateMutexA
CreateProcessW
SetFilePointer
CreateFileMappingA
LocalSize

rpcrt4

RpcBindingSetAuthInfoA
RpcBindingFromStringBindingA
NdrClientCall
RpcStringBindingComposeA
RpcStringFreeA

shlwapi

PathFindExtensionA

Sections

.text
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rscr
Size: 512B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ