cdef5089c588ee7664578a6a8ffa6a7d_JaffaCakes118 | Triage

Sharing

General

Target

cdef5089c588ee7664578a6a8ffa6a7d_JaffaCakes118
Size

116KB
MD5

cdef5089c588ee7664578a6a8ffa6a7d
SHA1

6351f381306dcde0d0877aca6cb6cf2f76e81d5c
SHA256

484f2c7a58d51eac276595a509109269917e1e1715b4e26e50271417bcb4c19c
SHA512

b48989b1b69263ba9d2329be084651d9805ce7acd96336fe0a94062cf49da64aa9788dc4293fbe5ef4a82fee47e7ce7c3fa60a069ba199c287815c0631874967
SSDEEP

3072:rTZwuxxvWPwGMp2H/g/uYT7CrxUGhngn:3fxgPwPIfg/eC6gn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cdef5089c588ee7664578a6a8ffa6a7d_JaffaCakes118

Files

cdef5089c588ee7664578a6a8ffa6a7d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

922c7f7faca39768308da729922b0159

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
GetFileAttributesA
GetModuleHandleA
GetStartupInfoA
ExitProcess
FreeLibrary
GetCurrentDirectoryA
LoadLibraryA
lstrcmpA
SetCurrentDirectoryA
GetProcAddress
lstrcpyA

user32

GetDlgItem
CreateDialogParamA
LoadCursorA
LoadIconA
LoadBitmapA
InvalidateRect
ShowWindow
UpdateWindow
EndPaint
SetWindowTextA
EnableWindow
PostQuitMessage
PeekMessageA
GetMessageA
DispatchMessageA
SetClassLongA
MessageBoxA
wsprintfA
SendMessageA
DrawTextA
BeginPaint

gdi32

SetTextColor
BitBlt
CreateCompatibleDC
SelectObject
RealizePalette
SetBkMode
CreateFontIndirectA
DeleteDC

comctl32

ord17

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ