d34d0939d4c94f2365be7634af2c2c2f_JaffaCakes118 | Triage

Sharing

General

Target

d34d0939d4c94f2365be7634af2c2c2f_JaffaCakes118
Size

18KB
MD5

d34d0939d4c94f2365be7634af2c2c2f
SHA1

2edbc8d9ff66537a127e23531a0cd3d417c34b85
SHA256

4a70836a15e2b6fe312c597cbe88e09a875433efdce80d4d188ee8a65bf68428
SHA512

111e8adfb3ac2db04e143a8f6d4502b62c938ef9efa818fef4f3a27de665f518ca171c65007b8860b85a64c1f7feb6c1bf2cbc92ac52b31c0aeab8a576875397
SSDEEP

192:t/UHm8bqwqRBSRFNmK1Yln+mqNWrLjkggPQEsisjSylVTj4NKOI:tAn3dFIKaGNI1EsRd1j4A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d34d0939d4c94f2365be7634af2c2c2f_JaffaCakes118

Files

d34d0939d4c94f2365be7634af2c2c2f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

537652dd057206eda0bcbb9e5adbb41d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapQueryInformation
GetProcessVersion
LoadLibraryExA
GetLogicalDrives
IsDebuggerPresent
GetCurrentThread
GetTapeStatus
GetStdHandle
GetACP
InterlockedExchange
GetEnvironmentStringsA
GetTimeFormatA
GetModuleHandleA
GetCurrentProcessId
HeapDestroy
GetProcessHeap
HeapCreate
GlobalMemoryStatus
CreateIoCompletionPort
VirtualProtect
WaitForSingleObject

user32

GetWindowTextLengthA
EndPaint
BeginPaint
GetWindow
DrawTextA
GetFocus
SetActiveWindow
GetTitleBarInfo
FrameRect
SetForegroundWindow
ReleaseDC
wsprintfA
ShowWindow
FillRect
GetParent
GetClassNameA
DragDetect
GetDlgItem
GetCursorPos

gdi32

CreateBitmap
CreatePalette
CloseFigure
GetLayout
GetClipBox

setupapi

SetupCloseLog

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ