c13d879b86a3d6433080e1b28f7be56c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c13d879b86a3d6433080e1b28f7be56c_JaffaCakes118
Size

304KB
MD5

c13d879b86a3d6433080e1b28f7be56c
SHA1

ac1c0c315bb93632bd8b3b075c4c92c7f87dc389
SHA256

7f91027f4753f1b245c03505974338762ce89d2b420ddcafddd55ee1b0359f0e
SHA512

44f8e2134a24b745e16b4a8c2897146a0abe1667829890708eb3f36c25b93ac30c7c8d2266397ed0e2912701abe2d07484e2199b6f4185a21a1c0bda36f8062b
SSDEEP

6144:gdcWKlCWOWGZikq2spLsQZnDOxsi7nhQPf2jG0eXm/C:gTKlCmk9ApCsoA0DD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c13d879b86a3d6433080e1b28f7be56c_JaffaCakes118

Files

c13d879b86a3d6433080e1b28f7be56c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c9d3c5bacabed718299674b2f9e7453a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SendMessageA
SetTimer
MessageBoxA
PostQuitMessage
KillTimer
GetDoubleClickTime
GetDlgItem
EndDialog
DialogBoxIndirectParamA

kernel32

lstrlenA
lstrcpyA
CloseHandle
CreateDirectoryA
CreateFileA
ExitProcess
FindResourceA
FreeResource
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GetVersion
GlobalAlloc
GlobalFree
LoadLibraryA
LoadResource
LockResource
MultiByteToWideChar
ReadFile
RtlZeroMemory
SetFilePointer
SizeofResource
Sleep
WriteFile
lstrcatA

comctl32

InitCommonControls

shell32

SHGetSpecialFolderPathA

shlwapi

StrStrA

advapi32

RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 282KB - Virtual size: 281KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE