d193da3813ea3bb2ae605f1eefdff321_JaffaCakes118 | Triage

Sharing

General

Target

d193da3813ea3bb2ae605f1eefdff321_JaffaCakes118
Size

108KB
MD5

d193da3813ea3bb2ae605f1eefdff321
SHA1

44529a2b1d4851a8cf12a342d3fa66098569c113
SHA256

29b0322d0f58c311e83753f86e740edc7fcc34c213ad895102a4ddd49ec88076
SHA512

a524d7f832c4ca66a844ddd6a367a4b5cdd5bb0126c8de42c5a390010825ed697882a93a82ad89db09bbb4cf15be485fbb834edf3287b01fed17c2c886cb7478
SSDEEP

1536:YYNb6tjvEkZi5MJZABHRSp04z2rSFJDU5NkXM1zI1WXFqETRUMZNj:YOSIYJZiU2rKXMpUWX3RUMzj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d193da3813ea3bb2ae605f1eefdff321_JaffaCakes118

Files

d193da3813ea3bb2ae605f1eefdff321_JaffaCakes118
.exe windows:4 windows x86 arch:x86

95438ac337c41a0661eea595880b9841

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

printf

gdi32

EnumFontsA
GetArcDirection
CreateRoundRectRgn
SetDCBrushColor

winmm

mmioOpenA

user32

OpenInputDesktop
DdeCreateDataHandle
WaitForInputIdle
SetPhysicalCursorPos
NotifyWinEvent
GetCursor
GetClipboardViewer
GetSubMenu
GetComboBoxInfo
SetWindowLongW
GetDlgCtrlID
SetMenuDefaultItem
GetProcessWindowStation
MoveWindow

advapi32

ImpersonateLoggedOnUser

rpcrt4

RpcServerUseProtseqExW

kernel32

GetCommandLineW
GlobalFindAtomW
PostQueuedCompletionStatus
GetThreadTimes
GetThreadId
GetCurrentProcessorNumber
CloseHandle
ApplicationRecoveryFinished
CreateTimerQueue
GetVersion
FindVolumeClose

shlwapi

SHRegGetValueA
SHGetValueA

secur32

VerifySignature

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ