b684f2a9da42d9cf0b09be49a8f05d35_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b684f2a9da42d9cf0b09be49a8f05d35_JaffaCakes118
Size

168KB
MD5

b684f2a9da42d9cf0b09be49a8f05d35
SHA1

d4081456b7c0e6aeccebf8af1edb2117e4bb214b
SHA256

5aea18a11cb710b7d762ce44b29894b27e8835bc565bfa478b487f9026f0005d
SHA512

52ce919fbf5db5a0df84e0dba19fbb44eda0363a24d6af847a5bd9857bc6c95c69b0b1d3d960ef67cb1927225039ecc00e7f3d3269944329b0bbaf755fccccc2
SSDEEP

3072:a3QMFhs0CGh5Hin4+p2pbB1qji3hb5vaZ+vu9Tt+nwlsDtvKh3Ke7/kS2Z:a3lFhZ5H04RptSixRaZXvmDtvK9Ke7/E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b684f2a9da42d9cf0b09be49a8f05d35_JaffaCakes118

Files

b684f2a9da42d9cf0b09be49a8f05d35_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1fb1c0e213ddbbb523e8a8e7e39a7576

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapReAlloc
CompareFileTime
HeapCreate
lstrlenA
LoadLibraryExA
GetVersion
WaitForSingleObject
SuspendThread
SetConsoleCP
GetConsoleCP
GlobalUnlock
GetTickCount
GetCommandLineA
GetStdHandle
GetSystemDefaultLangID
GetModuleHandleA
VirtualProtect
InterlockedExchange
GetAtomNameA
WaitForMultipleObjects
CloseHandle

user32

InsertMenuA
CreateIcon
EnableScrollBar
DrawCaption
GetKeyState
FindWindowA
IsDialogMessage
CreateMenu
GetDlgItem
GetCursorInfo
DragObject
SetWindowPos
SetPropA
CopyImage
SetScrollInfo
DestroyMenu
InvertRect
DialogBoxParamA
GetKeyboardLayout
DispatchMessageA
FillRect

advapi32

RegCloseKey
RegEnumKeyA
RegEnumValueA
RegQueryInfoKeyA
RegCreateKeyExA

apphelp

ApphelpCheckExe

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 780KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ