ca615dc0adf38debdedb588224df5215_JaffaCakes118 | Triage

Sharing

General

Target

ca615dc0adf38debdedb588224df5215_JaffaCakes118
Size

92KB
MD5

ca615dc0adf38debdedb588224df5215
SHA1

c0303d4afda86faca8fc1bd295b62894da2cf4fc
SHA256

5a219d99cf57f9273f6d8d891bb648186d0207587271a0c050ef1bf3460d9af3
SHA512

85b4ec4ca2a3224534d4252db85cdf0857a47ee4be1301897acac390c2e12fd422a94673f48d599bc40941e2df61ad23a6d8d91264cb20d1a42257f043bd5b3f
SSDEEP

1536:HKtvDywyJIk5DgVkRX0VcICX3JtbqOdFWtexaiM/qix90uOh0x9QvDNi4gB1yV85:uLyJnsVkRX0VaR0iA/1OcLjTyV8qB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ca615dc0adf38debdedb588224df5215_JaffaCakes118

Files

ca615dc0adf38debdedb588224df5215_JaffaCakes118
.exe windows:5 windows x86 arch:x86

581479bf27454ac881a2bb217f9b8948

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

IsDlgButtonChecked
RegisterClassExA
EnableScrollBar
EndPaint
SetWindowTextA
LoadCursorA
LoadIconA
GetWindowLongA
GetClipboardOwner
CheckDlgButton
BeginPaint
CreateWindowExA
ShowWindow
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA

gdi32

CreateBrushIndirect
CreatePatternBrush
SetBkMode
DeleteObject
GetStockObject
PolyBezier

ole32

CoUnmarshalHresult
OleSetContainedObject
CoWaitForMultipleHandles
StgIsStorageFile
CoGetObjectContext

oleaut32

SafeArrayAllocDescriptor
SafeArrayDestroyDescriptor

kernel32

QueryPerformanceCounter
InterlockedDecrement
GetFileAttributesA
HeapDestroy
GetACP
EnterCriticalSection
InitializeCriticalSection
HeapAlloc
HeapCreate
HeapFree
GetCommandLineA
GetLastError
DeleteCriticalSection
LeaveCriticalSection
GetModuleHandleA
GetStartupInfoA

Sections

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE