Static task: static1
Behavioral task: behavioral1
Sample: c289673501474f7fec2b16f435c90771_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: c289673501474f7fec2b16f435c90771_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: c289673501474f7fec2b16f435c90771_JaffaCakes118
Size: 226KB
MD5: c289673501474f7fec2b16f435c90771
SHA1: 0a5ee84f20863c5db6f0a71915ead920201df177
SHA256: 2202d569f96eb49bd8e7fc67b997aaaa7fa5563ec88d7fd33a79f932986a4798
SHA512: d174bb6ba349ff47e36d9065e0ce396513631f80586a6e8eaaa0eccd2b017bd673dbd7717387b37333ccc0436683e8464acecf56abcb2f5be881fc56a0b0c086
SSDEEP: 6144:aBBXY/rEv4AA2YMHScF1VXCaailJhApl:oIZAfB1VS
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource: c289673501474f7fec2b16f435c90771_JaffaCakes118
Files
c289673501474f7fec2b16f435c90771_JaffaCakes118.exe windows:5 windows x86 arch:x86
d9adbe1aaa7229e64b7f041763e42cc9
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
GetActiveWindow
EnumDesktopsA
EndDialog
SetPropA
IsCharAlphaNumericW
SetWindowTextA
DialogBoxParamA
SetWindowPos
OemKeyScan
ole32
CoUnmarshalHresult
CoFreeLibrary
OleFlushClipboard
kernel32
GetCurrentProcessId
CopyFileW
CreateProcessW
SizeofResource
HeapDestroy
HeapFree
AddAtomW
DeleteAtom
LocalAlloc
InterlockedExchangeAdd
HeapCreate
InitializeSListHead
GetStartupInfoA
LocalFree
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetProcAddress
LoadLibraryExW
Sections
.text Size: 208KB - Virtual size: 207KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.CRT Size: 512B - Virtual size: 8B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ