d11ef93abdbb96171497b64bea6b23d5_JaffaCakes118 | Triage

Sharing

General

Target

d11ef93abdbb96171497b64bea6b23d5_JaffaCakes118
Size

362KB
MD5

d11ef93abdbb96171497b64bea6b23d5
SHA1

ae373dca6b883b56d22b0873e4df1604ff6636e1
SHA256

20b10e966350d5398aa0339e6e0183f38c9dda8c15caf5d78a8a452bda7af899
SHA512

dd9f5218eed028f33f86b61d89dbdb011653054367887848f73eac6218e8d4a36fee815f01a5fd78203506094d96a90e33141a0ad3d298e50bb02b489008171d
SSDEEP

6144:QxTBIP9djZmiWDFEOWtOAqANwc6xw36C5yGfJQs9Lq:qd09dj6zcN76xw3TwP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d11ef93abdbb96171497b64bea6b23d5_JaffaCakes118

Files

d11ef93abdbb96171497b64bea6b23d5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1b3db5f8f619d9d98b40d6cc2cde8e3e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrToIntA

kernel32

TlsGetValue
SetUnhandledExceptionFilter
HeapReAlloc
ReleaseMutex
CreateMutexA
SetEvent
HeapCreate
TlsSetValue
GetFileSize
GetLastError
CloseHandle
HeapDestroy
TlsAlloc
TlsFree
ResetEvent
CreateEventA
QueryPerformanceCounter
GetProcessHeap
WideCharToMultiByte
FormatMessageA
HeapAlloc
CreateFileA
DeleteFileA
IsDebuggerPresent
MultiByteToWideChar
WaitForMultipleObjects
OpenMutexA
GetFullPathNameA
HeapSize
ExitProcess
LocalFree
ReadFile
VirtualAlloc
GetModuleHandleA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess

user32

GetWindowRect
GetWindow
GetClientRect
wsprintfA
MessageBoxA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 346KB - Virtual size: 345KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ