d321172859afbfc17bdfa45462de1010_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d321172859afbfc17bdfa45462de1010_JaffaCakes118
Size

636KB
MD5

d321172859afbfc17bdfa45462de1010
SHA1

945a44a7e5a437163efbd3d436f99b4f24ec1803
SHA256

06aadcbdcb4f0d3bf3449c82127950a9bdb9620a4f84dbc1cf8be26d5fca9c6c
SHA512

5bbdd50ecc0bf64467f91643670d726ab0c99de19501abf1e38cc1b635e14646d157014cc2ad9e6bd69bf5e894a8b6001d52fb56d03a4017ef8a68b806def247
SSDEEP

12288:HkxkB3WHQjD4JIVhFpDT0o63+wiaAslHUX5DeBEhpe6VGb5+cSABkz6:HRUwD4JSFpJ6OwiaXHUqEhQDbETABk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d321172859afbfc17bdfa45462de1010_JaffaCakes118

Files

d321172859afbfc17bdfa45462de1010_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e3331682c8563eee3b3a1286906c7919

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDefaultLangID
GetAtomNameA
GetModuleHandleA
HeapCreate
WaitForMultipleObjects
VirtualProtect
CompareFileTime
GetVersion
GetTickCount
InterlockedExchange
GlobalUnlock
GetConsoleCP
CloseHandle
WaitForSingleObject
GetStdHandle
SetConsoleCP
HeapReAlloc
SuspendThread
LoadLibraryExA
lstrlenA
GetCommandLineA

user32

SetWindowPos
CreateCursor
EnableScrollBar
DispatchMessageA
InsertMenuA
GetDlgItem
IsDialogMessage
DialogBoxParamA
GetKeyState
GetCursorInfo
GetKeyboardLayout
DestroyMenu
CreateIcon
CreateMenu
FindWindowA
DrawCaption
CopyImage
SetScrollInfo
DragObject
InvertRect
FillRect
SetPropA

advapi32

RegCreateKeyExA
RegCloseKey
RegEnumKeyA
RegEnumValueA
RegQueryInfoKeyA

uxtheme

GetThemeColor

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ