c822caeba79384e27fdd39214a03bd98_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c822caeba79384e27fdd39214a03bd98_JaffaCakes118
Size

646KB
MD5

c822caeba79384e27fdd39214a03bd98
SHA1

3b9b24c0c9656af707bc91a9faa2fddb367e304f
SHA256

9200d110d67f7f7e902ab2570ae37f6a11e61ef7114054d2b27fa754390feabd
SHA512

da47f80deddd9d8248591e50dea565c4e6de9cf1227bb73d60d9c74beb0e62cea4876ed2b7c60dd64258381a942f7d84e83d5b513e0f05edaa10748a36cd26ca
SSDEEP

12288:RuQK9b86uaw1ZAgeQrHaM5LjU9Vt7ANoTe8XaYlIWZNIw1SO9y/qGfoZNSK:Rib86dE+C15LjUTpOojXaKr11SO2mZN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c822caeba79384e27fdd39214a03bd98_JaffaCakes118

Files

c822caeba79384e27fdd39214a03bd98_JaffaCakes118
.exe windows:4 windows x86 arch:x86

af10cc624b55be4c48ba1ff37f9ff9d3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
ResumeThread
GetACP
SetLastError
GetVersion
lstrlenA
LoadLibraryExA
GetCommandLineA
GetModuleHandleA
WaitForSingleObject
GetConsoleDisplayMode
GlobalSize
GetConsoleCP
HeapCreate
HeapReAlloc
InterlockedExchange
GetAtomNameA
VirtualProtect
GetSystemTime
GetUserDefaultLangID
LocalLock

user32

FrameRect
CreateIcon
GetFocus
GetTitleBarInfo
FillRect
GetCursorPos
SetForegroundWindow
GetWindow
GetParent
AnyPopup
EndPaint
wsprintfA
ShowWindow
ReleaseDC
DrawTextA
GetDC
BeginPaint
GetClassNameA
DragDetect

ntshrui

GetLocalPathFromNetResourceA
GetNetResourceFromLocalPathA
DllGetClassObject
DllCanUnloadNow
SetFolderPermissionsForSharing

msacm32

acmFilterEnumA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ