b65b78ce57bfcef08e9e5658e6c09e19_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b65b78ce57bfcef08e9e5658e6c09e19_JaffaCakes118
Size

338KB
MD5

b65b78ce57bfcef08e9e5658e6c09e19
SHA1

a3be1f7a35dfa0431a6dc28ae2f4b4e73f83a26c
SHA256

4702908a5dc55df0b62cf95a5cf7b21154c4c4e980aa26f13db4720b40e77763
SHA512

bb859c16144459b08effd4fd90eb9ed88173afc27b2c1a687bf95501cd3592f48be5be9db62f2758f2322a4141b180b3c140092a0440fe1ce53159a060bcc76d
SSDEEP

6144:P0aSQ/ssuD0joUMQzcnRfaKMDwzCTzKSk7bIXz0Ewho/rIihdDk:PljtjonxwZMzcdXz0PoMih+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b65b78ce57bfcef08e9e5658e6c09e19_JaffaCakes118

Files

b65b78ce57bfcef08e9e5658e6c09e19_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a9b27aa7f24978930e6736261a041a04

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExW
OpenMutexA
LocalFree
OpenMutexA
lstrlenA
GetACP
FindClose
FreeConsole
IsBadReadPtr
GlobalLock
VirtualProtectEx
GlobalUnlock
GetStdHandle
LocalFlags
GetLastError
CloseHandle
CreateEventA
GetModuleHandleA
GetConsoleTitleW
GetSystemTime

user32

GetDlgItemTextA
GetParent
IsMenu
DialogBoxParamA
LoadCursorA
ClipCursor
IsIconic
EndDialog
GetSubMenu
GetKeyState
GetMessageA
CreateWindowExA
GetMessageA
MessageBoxA

clbcatq

SetupSave
GetComputerObject
GetCatalogObject
CheckMemoryGates
ComPlusMigrate

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ