c988c3a036a69f6a6d83a37ce2b1a8e0_JaffaCakes118 | Triage

Sharing

General

Target

c988c3a036a69f6a6d83a37ce2b1a8e0_JaffaCakes118
Size

283KB
MD5

c988c3a036a69f6a6d83a37ce2b1a8e0
SHA1

ef39e6c350f636cb58d4f5ded11dd45f3a5aee54
SHA256

137fc166d498fa0c7dff3dd68c6bacc0d1cba8b99fb893f163cd7f028428457f
SHA512

716a02d5a9a7df3734a7eed416002da0044c8b6834f23f807976519b856fdda0e811454a1b6a33d81620f3d2b502552f828420efbc5c9806d110ba0d2a9daa4a
SSDEEP

6144:c4ZSlGOnYrmJuO2XI9Ew0SJG+4XVGLoEyIsF5UND9LgPYcHIqc:c4ZSlGOYrmWXI6w0SIlGKIyONWHI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c988c3a036a69f6a6d83a37ce2b1a8e0_JaffaCakes118

Files

c988c3a036a69f6a6d83a37ce2b1a8e0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

002f886dbde7ff46db6c8ce194e02353

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SizeofResource
GetProcAddress
LockResource
LoadResource
VirtualFree
WinExec
FreeLibrary
CreateFileA
GetTempFileNameA
GetTempPathA
LoadLibraryA
LoadLibraryExW
CloseHandle
FindResourceA
GetTickCount
SearchPathA
GetShortPathNameA
GetModuleFileNameA
ExitProcess
MoveFileExW
GetCommandLineW
WriteFile
GetModuleHandleA
VirtualAlloc

user32

MoveWindow
GetWindowRect
GetDesktopWindow
EndDialog
DialogBoxParamA
CreateWindowExA
ShowWindow
SetTimer
SetDlgItemTextA
UpdateWindow

advapi32

RegSetValueExW
RegCreateKeyExW

shell32

SHGetFolderPathA
CommandLineToArgvW

Sections

.text
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 189KB - Virtual size: 189KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ