c1a45b4c964f86f8242efc7256aedcb5_JaffaCakes118 | Triage

Sharing

General

Target

c1a45b4c964f86f8242efc7256aedcb5_JaffaCakes118
Size

160KB
MD5

c1a45b4c964f86f8242efc7256aedcb5
SHA1

4a89044a3c3a4275382e9fbfc1663bf8f730aed7
SHA256

e37d5647c8604a1b4fcac1e83ec9f03a94f9ab33329b8fb4c1501845c3efb89b
SHA512

a5cb19fb85fe5a7a3b062d5d51a965c6a1298d608f344640b9a3db12a3dbfea78bf3f5aaa8b372437d926c488bb8c9d4828718f67d64cf8dfae5de13562c3b42
SSDEEP

3072:zpV0REdInghTCDcreiXjPBkmy1cDspoYjJGoLoRJ:zp2RJghWDwdPBkF1cIpHQRJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c1a45b4c964f86f8242efc7256aedcb5_JaffaCakes118

Files

c1a45b4c964f86f8242efc7256aedcb5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e7b174b80b13fe0a5a42002ce2eef9e1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
GetConsoleTitleA
SetFileTime
SetFilePointer
GlobalSize
OpenFileMappingW
GetCurrentThreadId
OpenFile
InitializeCriticalSection

user32

SetMenuItemInfoA
BeginDeferWindowPos
CopyIcon
SetWindowTextA
GetThreadDesktop
LoadKeyboardLayoutA
CallNextHookEx
CharToOemA
GetScrollPos
DefMDIChildProcA
CallWindowProcA
InvertRect

gdi32

ExtFloodFill
PlayEnhMetaFile
CreatePen
ArcTo
SetColorSpace
GetGraphicsMode

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 822B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data0
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE