bec0e85ecbea60359350a4aaa5368165_JaffaCakes118 | Triage

Sharing

General

Target

bec0e85ecbea60359350a4aaa5368165_JaffaCakes118
Size

13KB
MD5

bec0e85ecbea60359350a4aaa5368165
SHA1

22256c78642b44cbaf2e41c567419e6af94df29d
SHA256

5286619e05be74aede69ef53ebdfe2a93d3128bb8511009775e038c0dade73eb
SHA512

4e37acc1205ad7c7c2bc77bac25f0423ddbee4b68a2d97311b24da2e7d1b948660e58463dc773077d7a1509cea16a784702d972051307b929b84e54396aa0fe3
SSDEEP

192:PKAm0tfN/z/kjmO5x/qAFM8lebEGfnq6CwLqyEjnC0U0:PKARt1/z/kjZ5xPM88twyInNL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bec0e85ecbea60359350a4aaa5368165_JaffaCakes118

Files

bec0e85ecbea60359350a4aaa5368165_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bb6f80d335b3af0dc51a5cab41af14a7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

TrackPopupMenuEx
EnableWindow
SetForegroundWindow
SendMessageTimeoutA
SendMessageA
FindWindowA
ShowWindow
PostQuitMessage
LoadIconA
LoadCursorA
GetWindowThreadProcessId
GetWindowLongA
GetMessageA
GetDlgItem
GetCursorPos
RegisterClassExA
SetWindowLongA
FindWindowExA
UpdateWindow
DispatchMessageA
DestroyWindow
DestroyMenu
DefWindowProcA
CreatePopupMenu
CreateDialogParamA
AppendMenuA
TranslateMessage

kernel32

lstrcpyA
WriteProcessMemory
VirtualFreeEx
VirtualAllocEx
RtlZeroMemory
ReadProcessMemory
OpenProcess
GetModuleHandleA
ExitProcess
CloseHandle
GetCommandLineA

shell32

Shell_NotifyIconA

comctl32

InitCommonControls

advapi32

RegQueryValueExA
RegQueryInfoKeyA
RegOpenKeyExA
RegEnumValueA
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey
RegSetValueExA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 326B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ