d7b4f35ff3c660a0dbfc3ce84a74680d_JaffaCakes118 | Triage

Sharing

General

Target

d7b4f35ff3c660a0dbfc3ce84a74680d_JaffaCakes118
Size

83KB
MD5

d7b4f35ff3c660a0dbfc3ce84a74680d
SHA1

eb98f8f283ff2eb7b57a22ebac15978b790fb47f
SHA256

d1542300c9eb8ca823956917aeb23fcf00753a11c3fc5a26586e29757ec3a64f
SHA512

ac34c7b1c481bd1cc019720827e7e2cdba956860f514debcd24d6e97a2373320afbd2e287875c4d5dd7b41fdc4392eea0419927f2cfb04b522aab114be4abc57
SSDEEP

768:eUGKKDVX7piAfvR3uQCQ88ZcoexnnnnnnnnnnnnnnnnnnSqlzI4KklsugzPjk+Ok:ePDRN7Rl7cLa4Kk8zLkpioU/qfxTzdq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d7b4f35ff3c660a0dbfc3ce84a74680d_JaffaCakes118

Files

d7b4f35ff3c660a0dbfc3ce84a74680d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cd0c1ee2ab62082e5d6b31e73a4e45e7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

GetMessageW
MessageBoxExA
MessageBoxExA
LoadMenuW
LoadIconA
DispatchMessageA
GetClassLongA
InsertMenuA
LoadImageW
CharToOemW
GetWindow
PostMessageA
LoadBitmapA

cmutil

CmMalloc
CmRealloc
CmAtolA

kernel32

InterlockedIncrement
CreateProcessA
ReadConsoleW
GetFileAttributesA
LoadLibraryExA
lstrcpy
TlsAlloc
FindResourceExA
SetErrorMode
LocalFileTimeToFileTime
WaitForSingleObject
SetLocalTime
GetTickCount
FindNextFileW
CreateProcessA
GetTempFileNameA
lstrlen
GetProcAddress
CreateJobObjectW
GetCommandLineW
CreateJobObjectW
TlsSetValue
CreateFileA
CreateEventW
lstrlenW
LoadLibraryA

ctl3d32

Ctl3dGetVer
Ctl3dRegister

Exports

Exports

qzsw
junb

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_WRITE

.xml
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE