Static task: static1
Behavioral task: behavioral1
Sample: c795e2e460ab9e490bf25d43dd12f723_JaffaCakes118.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: c795e2e460ab9e490bf25d43dd12f723_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: c795e2e460ab9e490bf25d43dd12f723_JaffaCakes118
Size: 73KB
MD5: c795e2e460ab9e490bf25d43dd12f723
SHA1: e0afe56a843bc9e94af9b50447af1a45d3752630
SHA256: ac6fe1dd0927047b710e1500f7391541f3bca077a0bc57945a41b5d80b565acb
SHA512: 4871b1815fad07923d4ab0358dc07405fd5fa99ad30e0dd950746147ce19c53aba64dcff9c664a2d9bdef7ea05946d1151ccc80c2bb6acd70f78f00dd6c4bf42
SSDEEP: 768:rMM/EDnn9+oR1MEG3cAB7UcyUv11GIwWFXQS8i7fblOiu3a2uiRPE/TVEl2Vo4OI:rnMDnhR1u3vBgcjtFQ/ogXqiRs+PE
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c795e2e460ab9e490bf25d43dd12f723_JaffaCakes118
Files
c795e2e460ab9e490bf25d43dd12f723_JaffaCakes118.exe windows:4 windows x86 arch:x86
193b08c48ae198069192ca6590bd0344
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
LoadImageA
GrayStringA
IsCharLowerA
GetWindowDC
GetSysColorBrush
HideCaret
wininet
UnlockUrlCacheEntryFile
InternetGetLastResponseInfoA
InternetEnumPerSiteCookieDecisionW
InternetSetDialState
ShowSecurityInfo
advapi32
CloseServiceHandle
CryptGetKeyParam
FindFirstFreeAce
IsValidSid
FreeSid
msvcrt
strlen
_cabs
__wargv
Sections
.text Size: 47KB - Virtual size: 55KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 68KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE