b775856e7ed85c1e8e48e6b02c3ca74e_JaffaCakes118 | Triage

Sharing

General

Target

b775856e7ed85c1e8e48e6b02c3ca74e_JaffaCakes118
Size

276KB
MD5

b775856e7ed85c1e8e48e6b02c3ca74e
SHA1

dff109664bf8b6b341869b182e6382a71ed6613f
SHA256

3e72a2ebf5820f1c75aeade4b7f84ef2c394725c96c175b0c0b4098f7d26c85d
SHA512

6918f2d42015e8fc1090a2a9ad5239cc5c6f1d719ae75d412b02d8116dbc65cefece45b68ef5b4832ab1dc15a4c5b3b81190cff9ddf8e579310f48988ad59d7b
SSDEEP

6144:sd80l6OwqCE3H4s2+nf6HcsdSifjrMK4tz8zmkT:30krfyHVLf68sdSeT3T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b775856e7ed85c1e8e48e6b02c3ca74e_JaffaCakes118

Files

b775856e7ed85c1e8e48e6b02c3ca74e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3c2a651a2c79747357c1dec4816ca54b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
GetProcAddress
HeapFree
GlobalAddAtomW
EnumResourceNamesW
SetLastError
CloseHandle
GetProcessHeap
GetModuleHandleW
InterlockedExchange
LockResource
GetCommandLineW
EnumResourceNamesA
LoadResource
FormatMessageW
FindResourceExW
GlobalFree
LoadLibraryA
FindFirstFileW
GetLastError
LocalFree
EnumResourceTypesW
RaiseException
EnumResourceLanguagesW
SizeofResource
GetDateFormatA
GetCurrentDirectoryW
FindNextFileA
FindFirstFileA
HeapAlloc
Sleep

user32

PeekMessageA
wsprintfW
PostThreadMessageA
EnumWindows
MessageBoxA
GetMessageA
KillTimer
DispatchMessageA
IsWindowVisible
LoadStringA
CharNextA
GetWindowTextA
GetWindowThreadProcessId
CharUpperA
SetTimer
wsprintfA

setupapi

CM_Get_Depth
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

Sections

.text
Size: 147KB - Virtual size: 278KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ