d0ee5cafed81294a7294ec59cb747452_JaffaCakes118 | Triage

Sharing

General

Target

d0ee5cafed81294a7294ec59cb747452_JaffaCakes118
Size

275KB
MD5

d0ee5cafed81294a7294ec59cb747452
SHA1

21da725e5db316c1e27d2a8f7d2b715b92626ec5
SHA256

80bf245a0d4e991ff5198a8d243fbb83a296aac7f6f7002637ebb9b21bec4a08
SHA512

cf3a42ee79eb076ca9548f63416162b05c89effdcbae4ef6148d894bb1ce5278f9a38d6f2fec534ae5fd2b858fc85a8874344d7d6c7bef1fef2cca4c76c55b04
SSDEEP

3072:+QdDS9n0/qhnuZQx1bS9d0m9sPOoTQ7WJZ84MVnTugvU/4+ZZkhf6S4QW77Hz:+QD/qEZQx1ed3sHEW84SnTpqG+d7r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d0ee5cafed81294a7294ec59cb747452_JaffaCakes118

Files

d0ee5cafed81294a7294ec59cb747452_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7130057e6261be17d44d092033e60fcb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateEventA
CreateThread
EnterCriticalSection
ExitThread
GetCurrentThreadId
GetModuleHandleA
GetTickCount
GlobalAlloc
InitializeCriticalSection
InterlockedExchange
LeaveCriticalSection
LoadLibraryA
MulDiv
SetErrorMode
SetEvent
Sleep
WaitForSingleObject
WideCharToMultiByte
WriteConsoleA
lstrcmpiA
lstrcpynA
lstrlenA

user32

BeginPaint
ClientToScreen
EqualRect
IsDlgButtonChecked
LoadAcceleratorsW
RemovePropW
SetMenuDefaultItem
SetRectEmpty

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 261KB - Virtual size: 263KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ