b491b306e4005f99ed29554bef231abf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b491b306e4005f99ed29554bef231abf_JaffaCakes118
Size

328KB
MD5

b491b306e4005f99ed29554bef231abf
SHA1

f84a557c35e6f88637a5d00fa7f44955e6a2c0df
SHA256

956f0bba44982e5e963d80b72a23f6e103c8a4a30c541d250dafd951844f7ee5
SHA512

a2887a98d84307b002e23a51babd0b888d662f309f1eb277d9a7d87dc9cca2560b8643e4f57f45bcf364c549671bd19cc850cd924df752ed1707e18565956b89
SSDEEP

6144:cxVpBMDHXxy+CdFr/GJS0hGaMUXjyIU4Ozwp05M8:27OD3wDjTGJZcatjQXzksM8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b491b306e4005f99ed29554bef231abf_JaffaCakes118

Files

b491b306e4005f99ed29554bef231abf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7fb3feb4752eee0378d575f5a43a2aae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetSystemDefaultLangID
lstrlenA
HeapReAlloc
CompareFileTime
WaitForSingleObject
HeapCreate
GetConsoleCP
SuspendThread
GetTickCount
InterlockedExchange
SetConsoleCP
GetStdHandle
GlobalUnlock
GetVersion
VirtualProtect
GetCommandLineA
WaitForMultipleObjects
SearchPathA
GetAtomNameA
CloseHandle

user32

SetScrollInfo
CopyImage
GetCursorInfo
MessageBoxA
DialogBoxParamA
DispatchMessageA
GetDlgItem
DrawCaption
CreateIcon
CreateMenu
FindWindowA
GetKeyState
GetKeyboardLayout
DestroyMenu
EnableScrollBar
SetPropA
IsDialogMessage
InsertMenuA
DispatchMessageA
InvertRect
SetWindowPos
CreateCursor
DragObject

advapi32

RegEnumValueA
RegCreateKeyExA
RegEnumKeyA
RegQueryInfoKeyA
RegCloseKey

uxtheme

GetThemeColor

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 500KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ