c95d704e5a9bb0e97fe1dccfade68b5a_JaffaCakes118 | Triage

Sharing

General

Target

c95d704e5a9bb0e97fe1dccfade68b5a_JaffaCakes118
Size

93KB
MD5

c95d704e5a9bb0e97fe1dccfade68b5a
SHA1

4436a543d6545d8e5e9565ae8a595c4714928c52
SHA256

87660b6d474b1189c3db5f664c4a5ce536c1d796cf405c8124dd658e8debcd0d
SHA512

76aad33c2e5ab822cce050c151cb914812028e861474158cadb6aedcd1f560525675f2320a86c81e70ca4281bac254dda97681b00521e032359475f846abdd82
SSDEEP

1536:E1qRpGsfhQON5/HLfz4LlLYm4jo2oi3i0TpGKQea7Gq++zh0CcC2brxUeZnv89F7:SO9n/XOYLjhj3i0Td3Ih0VCwrKkvg+Yh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c95d704e5a9bb0e97fe1dccfade68b5a_JaffaCakes118

Files

c95d704e5a9bb0e97fe1dccfade68b5a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2017d616007614108d507d4e32dbfef0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

PeekMessageA
GetMenuItemCount
DeleteMenu
EndPaint
GetWindowLongA
GetInputState
GetCursor
SetWindowTextA
LoadIconA
LoadCursorA
RegisterClassExA
CreateMenu
BeginPaint
CreateWindowExA
ShowWindow
UpdateWindow
TranslateMessage
DispatchMessageA
GetMessageA
GetCursorPos
CheckMenuItem
DestroyMenu

gdi32

GetStockObject
CreateSolidBrush
DeleteObject

shlwapi

PathIsFileSpecA

ole32

StringFromCLSID
OleSave
ReadClassStm
CoGetCallerTID
StgOpenPropStg
CoGetMalloc
CoInitialize
CoFileTimeNow
CoTestCancel

comctl32

ord17

kernel32

GlobalAlloc
GlobalFree
GetModuleHandleA
DeleteCriticalSection
GetLocalTime
LeaveCriticalSection
GetEnvironmentStrings
FreeLibrary
LoadLibraryA
GetCPInfo
GetLastError
HeapAlloc
HeapCreate
EnterCriticalSection
InitializeCriticalSection
GetSystemTime
GetSystemInfo

Sections

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE