c1067ad132c37aec7d476cd09322e5cb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c1067ad132c37aec7d476cd09322e5cb_JaffaCakes118
Size

287KB
MD5

c1067ad132c37aec7d476cd09322e5cb
SHA1

9a18f2a2c8d1a86f9c0aeacca50fec48c488562e
SHA256

4033f521faed34b82dfc28659b67b65b9b93364be9b45f03ecccb0b3bafecffc
SHA512

35a9386a530a475f75d786abba3e50e98d24f2652151d03212c44246f942cbe7f727811c57e21ad439211d9b4a338b2ca87bb94b66f3543f2aea128f7a151041
SSDEEP

6144:vINYvDkcgugoa2zSKAo5XOs4FOo6M86vKhmEt4mfSp8:vIowDpCSKAoks4FOTPphfI8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c1067ad132c37aec7d476cd09322e5cb_JaffaCakes118

Files

c1067ad132c37aec7d476cd09322e5cb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bef371a4412f6a403aa90183b9352785

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapWalk
GetStdHandle
VirtualProtect
FindAtomA
CloseHandle
GetConsoleCP
lstrlenA
GetVersion
GetACP
GlobalUnlock
GetAtomNameA
GetProfileIntA
TlsGetValue
LoadLibraryA
CompareFileTime
TlsFree
GetTickCount
GetModuleHandleA
HeapReAlloc
WaitForSingleObject
InterlockedExchange

user32

CreateCaret
InflateRect
GetDlgItem
CopyRect
TranslateMessage
ShowWindow
GetMenuStringA
PaintDesktop
GetKeyboardLayout
DispatchMessageA
UpdateWindow
ModifyMenuA
DestroyMenu
PostQuitMessage
EnableScrollBar
GetScrollRange
DialogBoxParamA
SubtractRect
SetWindowPos
MessageBoxA
LoadIconA
GetWindowTextA
GetMenu
EqualRect
PostMessageA
InsertMenuA
SetPropA

msi

MsiDoActionA
MsiCloseHandle
MsiEnumClientsA
MsiGetMode
MsiEnumProductsA

clbcatq

CoRegCleanup

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 640KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ