d3c24f173de0e6844d88fbacf72163e8_JaffaCakes118 | Triage

Sharing

General

Target

d3c24f173de0e6844d88fbacf72163e8_JaffaCakes118
Size

340KB
MD5

d3c24f173de0e6844d88fbacf72163e8
SHA1

7cda0f6b0b7ab9c41881a1b47e29d53ef79fce3a
SHA256

d405df2fd19742a83c21d1d762745c8b982c4128bc4ff039083572f0dbc74689
SHA512

12f3b96d4d022d35fdf14315ae05a385efa83a82ff249b342f09eee78d05ab5d4d34ad66d37e377fbfc7e88e1990ef9d0ba24cfccfa7b7273b16a7798feea5d6
SSDEEP

6144:EvtHzLcSj5PSXyggMfOLRTYO+9wTLfdvyhEwFUsjRLTt+/sPJ6:mFhgh2R8O+yFqpLh+qJ6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d3c24f173de0e6844d88fbacf72163e8_JaffaCakes118

Files

d3c24f173de0e6844d88fbacf72163e8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

950f6ecc7e1689d59b0685fdf36c7e2d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnlock
GetConsoleCP
CreateFileA
IsDebuggerPresent
IsBadReadPtr
FindClose
FreeEnvironmentStringsA
lstrlenA
GlobalLock
GetACP
CreateEventA
GetModuleHandleA
GetLastError
LocalFree
CreateWaitableTimerA
LoadLibraryExA
HeapCreate
CloseHandle
MapViewOfFile
GetStdHandle

user32

CreateWindowExA
SetFocus
GetDlgItemTextA
IsMenu
ClipCursor
GetSubMenu
GetDlgItem
GetMessageA
EndDialog
DialogBoxParamA
RedrawWindow
CheckMenuItem
GetParent
DrawIconEx

apphelp

ApphelpShowDialog
SdbCloseDatabase
ApphelpCheckIME
ApphelpCheckRunApp
SdbFindFirstTag

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ