d05125111e125b0b8958420934cae424_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d05125111e125b0b8958420934cae424_JaffaCakes118
Size

717KB
MD5

d05125111e125b0b8958420934cae424
SHA1

772706f3880c0ecd10f49db52f3df1e87ca018af
SHA256

4e1819326af0e09cdff13814b700fa59c3d2497603bcea715b827fdd4f3623df
SHA512

cfb1b736fd633c1d8efc9c29da7ef3352dde278d4bd49def2a1a3f976150a5c8e3d47f2d41253afdf8c77af77344729b127084742fa435d6c51c985142f0ea43
SSDEEP

12288:MhUqxSEDT5n4GhQn8LnzB4XG0wBtuycNTpvWLQ8c9GwtW8rsxyC3fpQg:akyTyxnSN4XG00tsL+LQ8cswQwsYC3hH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d05125111e125b0b8958420934cae424_JaffaCakes118

Files

d05125111e125b0b8958420934cae424_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dc6418f9a2c2edce9a42f74d4d36ff46

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
LoadLibraryExA
GetTickCount
HeapReAlloc
InterlockedExchange
SetEvent
GlobalUnlock
GetAtomNameA
FindAtomA
lstrlenA
GetACP
GetVersion
GetConsoleCP
HeapWalk
TlsFree
ResetEvent
GetModuleHandleA
CompareFileTime
VirtualProtect
CloseHandle
GetProfileIntA

user32

PostQuitMessage
GetDlgItem
GetMenu
EqualRect
DispatchMessageA
TranslateMessage
PostMessageA
SetSysColors
DialogBoxParamA
GetSubMenu
UpdateWindow
LoadIconA
GetWindowLongA
GetMenuStringA
MessageBoxA
InsertMenuA
InflateRect
ShowWindow
GetWindowTextA
GetKeyboardLayout
CopyRect
DestroyMenu
SetWindowPos
GetParent
GetScrollRange
ScrollDC
EnableScrollBar
ModifyMenuA
SetPropA

msi

MsiEnumProductsA
MsiCloseHandle
MsiEnumClientsA
MsiGetMode
MsiDoActionA

uxtheme

GetThemeBool

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ