d1e86c70b95c8974a8551e1fdbce5df0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d1e86c70b95c8974a8551e1fdbce5df0_JaffaCakes118
Size

352KB
MD5

d1e86c70b95c8974a8551e1fdbce5df0
SHA1

9c76f3d8e1be2440e63c0a4d5e2af8f9868eccbc
SHA256

1b86384d3f8d518852410351706b2bd412bd5db45944772c164829973d453ba9
SHA512

619e4774cc904d78efa5821032f80de646ab751415059e88022188b10080dda86e451d5427daf348e3d23fe59142f577c5e64d4664fb1c7d51ff0b4f83b47c05
SSDEEP

6144:Smu0zANEa8Li1bWlWjkoCtfwR+RwBT4M9NdX753uSUQ1sab3nJiPDQthul:SP08N5qAWgko8wR54aN7mwsSZ8DQtsl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d1e86c70b95c8974a8551e1fdbce5df0_JaffaCakes118

Files

d1e86c70b95c8974a8551e1fdbce5df0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ce2c3cb07d4638176cf0c5480c206386

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenMutexA
GlobalLock
LoadLibraryExW
GetConsoleTitleW
GetSystemTime
LocalFlags
FindClose
VirtualProtectEx
GetModuleHandleA
GetStdHandle
OpenMutexA
LocalFree
GlobalUnlock
CreateEventA
lstrlenA
CloseHandle
IsBadReadPtr
GetACP
GetLastError
FreeConsole

user32

GetKeyState
DialogBoxParamA
GetDlgItemTextA
ClipCursor
IsIconic
LoadCursorA
IsMenu
GetSubMenu
GetMessageA
EndDialog
CreateWindowExA
GetParent
GetMessageA
MessageBoxA

uxtheme

CloseThemeData
GetCurrentThemeName
EnableTheming
DrawThemeText
DrawThemeBackground

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ