cde34e278b90422a8240d408bc04646a_JaffaCakes118 | Triage

Sharing

General

Target

cde34e278b90422a8240d408bc04646a_JaffaCakes118
Size

328KB
MD5

cde34e278b90422a8240d408bc04646a
SHA1

27aec05897a12fc34d905c7d8e48f8e7b8a216ae
SHA256

a5a4f9f92b4bfde5316da7ca1d4be042fa3d6e770b7ab9ca517f13651c068026
SHA512

5b187d8886d680fedd67d1d9e165ce7fd57579ce8accb40c6a530eb1d343b1fa97dcf95dba00c61e891f3db8367bb255603776451d1cfc242b01569bb45ef5a3
SSDEEP

6144:KAK8PwjNi1eM3OcQ7C5ytkvG6hQOAtEiWSbj8Tg9tyE7ejCd4ah:j9Y5ioSsC5+BIK4Tg9EEigRh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cde34e278b90422a8240d408bc04646a_JaffaCakes118

Files

cde34e278b90422a8240d408bc04646a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a550969c8fd262dd210ecba62c3878ba

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
Sleep
GetSystemTime
CloseHandle
LocalFree
HeapCreate
PulseEvent
LocalUnlock
LoadLibraryW
GetModuleHandleA
CreateFileA
lstrlenA
GetComputerNameA
SetEvent
SetLastError
GetCommandLineW
GetTickCount
UnmapViewOfFile
GetCurrentDirectoryA
GetConsoleTitleA

user32

SetFocus
GetDlgItem
FillRect
IsWindow
DrawMenuBar
DispatchMessageA
CheckRadioButton
GetDC
CreateWindowExA
DrawEdge
GetScrollBarInfo
GetKeyState
CallWindowProcA

clbcatq

SetSetupOpen
CheckMemoryGates
SetupOpen
UpdateFromAppChange
DowngradeAPL

desk.cpl

InstallScreenSaver

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 732KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ