d6cbb037bd8b89811dbfb2c58bc50f99_JaffaCakes118 | Triage

Sharing

General

Target

d6cbb037bd8b89811dbfb2c58bc50f99_JaffaCakes118
Size

815KB
MD5

d6cbb037bd8b89811dbfb2c58bc50f99
SHA1

a335c6f97783a84e234ec5c357c7cfe06142c610
SHA256

b818f1f8fae31431f99d412e7cb94380a1de4d0c2bf35ba976a5f51277ffd4af
SHA512

502f3f95b9a1500a7fa46120c84fa6089aa4bd111cb8ee0560a9cfe6c733f1d4dee7c5184392b462efe3789c76aa15f642a80c6307de09243bfc80eacf5d2103
SSDEEP

24576:TF7oyFOKV/8/zukgo/tH0LkDjVUQy47IUE3F3:TFq2oykrHxGQy47IUE13

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d6cbb037bd8b89811dbfb2c58bc50f99_JaffaCakes118

Files

d6cbb037bd8b89811dbfb2c58bc50f99_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e5b30b4f77585e4f4587735a39bca1c8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
HeapCreate
CloseHandle
FreeEnvironmentStringsA
GetACP
LocalFree
Sleep
GetModuleHandleA
CreateFileA
CreateFileMappingA
FindAtomA
GetCalendarInfoA
GetConsoleAliasW
LocalLock
TlsGetValue
GetLastError
GlobalUnlock
LoadLibraryExA
GetConsoleCP
WaitForMultipleObjects

user32

DispatchMessageA
FillRect
GetDlgItem
DrawEdge
CallWindowProcA
SetFocus
GetIconInfo
CopyRect
DrawTextA
GetDC
DefWindowProcW
CheckRadioButton
IsWindow
MessageBoxA

setupapi

CM_Add_IDA
SetupCloseInfFile
CMP_Report_LogOn
CM_Add_Range
SetupCloseLog

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ