c05abd7cca43e436ad106f950428a215_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c05abd7cca43e436ad106f950428a215_JaffaCakes118
Size

11KB
MD5

c05abd7cca43e436ad106f950428a215
SHA1

fd320bc897f5971a810596b3080a399492f16a50
SHA256

e7fa28534d26aea820bbd06ae5fdbf30fc5532a2e5b1ee063070aff6ec58624f
SHA512

d10f77519fc69b235792aca21c3f0f6ccf33407271abedec747a7813464d32de70ac2078c0c270a1761e438b021a486b63612076acb5acf4f1d4e5e35a0bd958
SSDEEP

192:we04kXzi7OBQNcLDoWj9y3BJMgIiVlMTle/h+Ujx4kglazutysZclI:507Xzi7OBQN6sWjfgIiV8luh9d4k2Xt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c05abd7cca43e436ad106f950428a215_JaffaCakes118

Files

c05abd7cca43e436ad106f950428a215_JaffaCakes118
.exe windows:1 windows x86 arch:x86

65698b2d17ab8e714f503ef7421f6076

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

RtlIsValidIndexHandle
NtQueryInformationProcess
NtReplyPort
RtlAddAuditAccessAce
ZwCreatePort
NtRegisterThreadTerminatePort
NtSetTimer

comctl32

LBItemFromPt
CreatePropertySheetPageA
FlatSB_ShowScrollBar
CreateStatusWindowA
CreateUpDownControl
ImageList_GetIconSize

user32

RemovePropW
SetTimer
VkKeyScanExW
GetKeyboardState
HideCaret
SendMessageCallbackA

oleaut32

VarI1FromR8
VarI2FromR8
OACreateTypeLib2
VarBoolFromI4
VarCyFromUI2
VarBoolFromCy
SysFreeString
VarI4FromDisp

msvcrt

_wstrdate
strstr
exp
__p__wpgmptr
_local_unwind2
_memicmp
_CIcosh
_fdopen

Sections

.text
Size: 6KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE