d748931f51c4ead767265a09e6fb7ca8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d748931f51c4ead767265a09e6fb7ca8_JaffaCakes118
Size

341KB
MD5

d748931f51c4ead767265a09e6fb7ca8
SHA1

599041f1febaee455b2278c2c82cccfa855a3245
SHA256

3f8d1d3bccc2fcce4b71a8a9c57bff4cf3199d75399d325b6e0b4dab516b661d
SHA512

1b5ce18b6769513c150d6345610f6332b9624bdebc6a9fecef3c66414d1b0dd57cc638d89e62de01be378c0b087389c25c56c4cf8717291069aff5ca011f6307
SSDEEP

6144:jm37Spg1M7PyaQB74fo4UDblEzNENyRDUVpbCmV73uV1I:jMuWCP/kMWDblsNjDmJu2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d748931f51c4ead767265a09e6fb7ca8_JaffaCakes118

Files

d748931f51c4ead767265a09e6fb7ca8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

55185910bfe0a3ab051b4eeca81304f5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
GetSystemTime
CreateEventA
CreateMutexA
CancelIo
GetConsoleTitleA
GlobalLock
FreeConsole
GlobalUnlock
LoadLibraryExW
LocalFree
EnumResourceTypesW
GetLastError
GetStdHandle
IsBadReadPtr
CloseHandle
lstrlenA
VirtualProtectEx
GetModuleHandleA
IsDebuggerPresent

user32

GetSubMenu
IsIconic
GetMessageA
GetDlgItemTextA
EnumWindows
GetKeyState
IsMenu
DialogBoxParamA
GetMessageA
CreateWindowExA
EndDialog
GetParent
LoadCursorA
MessageBoxA

clbcatq

CheckMemoryGates
GetComputerObject
GetCatalogObject
SetSetupOpen
ComPlusMigrate

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ