d26dd05b88221a8515ff4062fbf7f177_JaffaCakes118 | Triage

Sharing

General

Target

d26dd05b88221a8515ff4062fbf7f177_JaffaCakes118
Size

636KB
MD5

d26dd05b88221a8515ff4062fbf7f177
SHA1

cd51d3eae4edf74728027d6885d07a28f1cc2db6
SHA256

578f46397bbfd4c24754882b9cb8ae64d20ece6f08a36d8a039149a6bbe56406
SHA512

51d5bb43618d3aa2da16a557ce4c4177767f773e3af8555a7ea1537bfa2ff19128a3edaefeb30b1e1ee48bcdb99e32223c95ff5e42c5a6225c41e121adb36b96
SSDEEP

12288:WkxkB3WHQjD4JIVhFpDT0o63+wiaAslHUX5DeBEhpe6VGb5+cSABkz6:WRUwD4JSFpJ6OwiaXHUqEhQDbETABk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d26dd05b88221a8515ff4062fbf7f177_JaffaCakes118

Files

d26dd05b88221a8515ff4062fbf7f177_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e9ec328763e76069bbd855a0632cade4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetConsoleCP
LoadLibraryExA
GetVersion
GlobalUnlock
WaitForSingleObject
CompareFileTime
GetStdHandle
VirtualProtect
HeapReAlloc
GetModuleHandleA
GetCommandLineA
GetTickCount
lstrlenA
SuspendThread
GetConsoleCP
InterlockedExchange
CloseHandle
GetSystemDefaultLangID
HeapCreate
WaitForMultipleObjects
GetAtomNameA

user32

GetDlgItem
DragObject
CreateMenu
FindWindowA
CreateIcon
SetPropA
DialogBoxParamA
CopyImage
GetKeyState
InvertRect
CreateCursor
InsertMenuA
SetWindowPos
GetKeyboardLayout
GetCursorInfo
DrawCaption
DestroyMenu
FillRect
IsDialogMessage
SetScrollInfo
DispatchMessageA
EnableScrollBar

advapi32

RegCreateKeyExA
RegEnumValueA
RegQueryInfoKeyA
RegEnumKeyA
RegCloseKey

uxtheme

GetThemeColor

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ