Static task: static1
Behavioral task: behavioral1
Sample: b761fb6a568d84bff7df159371ef1382_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: b761fb6a568d84bff7df159371ef1382_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: b761fb6a568d84bff7df159371ef1382_JaffaCakes118
Size: 177KB
MD5: b761fb6a568d84bff7df159371ef1382
SHA1: c3c63698d37fa5144f14e0849e9d395a6c8956db
SHA256: a85138fb0261710f7e2cf30f8ce600938ae0c262fd38ef1525ca787db41f8db3
SHA512: cf77cbdaf41025015b4cff4a67326f99a028b8a4dccc666749bfc74da958d9824911731fa103b277db1c5c619caa97e85ac807c0c22f91b941618abfe48902fe
SSDEEP: 3072:nSYI8ZfkVsgiKTYHDlP7E0RvxBEHWhCx9MEyh3AWRMPrGNPy3sSh9zQjnlEB:nSN8ZMV3i5P7VFnGZyh39qDGRwsY9zMl
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b761fb6a568d84bff7df159371ef1382_JaffaCakes118
Files
-
b761fb6a568d84bff7df159371ef1382_JaffaCakes118.exe windows:4 windows x86 arch:x86
ed3d600928feba828209e8f40431e60c
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvfw32
ICOpen
ICClose
ICSendMessage
ICDecompress
user32
SetRectEmpty
SetCursor
InvalidateRect
GetWindowPlacement
AdjustWindowRectEx
GetClientRect
PostMessageW
FillRect
kernel32
GetModuleHandleW
GetShortPathNameA
GetCurrentThreadId
CreateFileW
GetFileInformationByHandle
GetProcAddress
UnhandledExceptionFilter
EnumResourceTypesW
GetCurrentProcessId
ExitProcess
LoadLibraryW
GlobalFree
GetLastError
CloseHandle
GetVersionExW
advapi32
RegCreateKeyW
RegOpenKeyExW
RegEnumKeyExW
RegQueryValueExW
RegDeleteKeyW
RegCloseKey
RegSetValueExW
RegSetValueW
Sections
.text Size: 104KB - Virtual size: 103KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 70KB - Virtual size: 69KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 1024B - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ