d108a72655e37a7fa2138b042762d32c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d108a72655e37a7fa2138b042762d32c_JaffaCakes118
Size

717KB
MD5

d108a72655e37a7fa2138b042762d32c
SHA1

68dd3c997e3615f4aaf6e158f5ba735c18cfe353
SHA256

9f6971c8343b6ee13be2cbaf4100f5ac71e9d02bf01cb83d9681558888179208
SHA512

dcd0640829e817002c8394c2e5e472a5dd4c4f094a836c4059816c0fc4f06e45b43d1fcc45740c6ff8fe30579824e8b6e5ed943498c3c8a6f61d380af8e3c529
SSDEEP

12288:9UDXZce5tzhzqSUk+8Ppr6oQGDI1GC63MPfZOAnPCcKgtynEe0tKkV/:aee5tzA50QxGcGV3MPfZKpgtyTo/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d108a72655e37a7fa2138b042762d32c_JaffaCakes118

Files

d108a72655e37a7fa2138b042762d32c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

db7f5f0e54d5b54f6e74c7fb38cf2cad

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
GetModuleHandleA
InterlockedExchange
WaitForSingleObject
GlobalUnlock
GetVersion
ResetEvent
LoadLibraryExA
GetConsoleCP
GetACP
HeapReAlloc
lstrlenA
CloseHandle
TlsFree
GetProfileIntA
CompareFileTime
SetEvent
FindAtomA
GetTickCount
GetAtomNameA
HeapWalk

user32

InflateRect
ScrollDC
EnableScrollBar
GetWindowTextA
GetKeyboardLayout
ShowWindow
EqualRect
PostMessageA
GetScrollRange
SetPropA
GetSubMenu
GetParent
GetWindowLongA
LoadIconA
DispatchMessageA
GetMenu
InsertMenuA
DialogBoxParamA
CopyRect
PostQuitMessage
ModifyMenuA
SetSysColors
MessageBoxA
GetDlgItem
UpdateWindow
DestroyMenu
TranslateMessage
SetWindowPos
GetMenuStringA

msi

MsiCloseHandle
MsiEnumClientsA
MsiDoActionA
MsiEnumProductsA
MsiGetMode

uxtheme

GetThemeBool

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ