d7aced5edc6532c16991a1e8c5873d40_JaffaCakes118 | Triage

Sharing

General

Target

d7aced5edc6532c16991a1e8c5873d40_JaffaCakes118
Size

154KB
MD5

d7aced5edc6532c16991a1e8c5873d40
SHA1

61580e4d3fe2ec1385e2352d51967ce6a5d5da1c
SHA256

c999634888d1c08817538f4171e0cb75cfe4831d56d02d87cadd8a5cf2aa4e45
SHA512

57a6fd6ba5306c4168572b2b58a8d573a31981ce7f7b237b22592a8725b9a1aa8af6868976c3622c4c31fe94cc8547cddab44f7571c004a17380d285ace6e60e
SSDEEP

3072:jMPrpmjM78IWjdJWZdSleKY5MG0inih23hGB2odHwQxswNoqMbFNh:jKyIWJS+49vnXhGB2C3swUt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d7aced5edc6532c16991a1e8c5873d40_JaffaCakes118

Files

d7aced5edc6532c16991a1e8c5873d40_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3f42cb7b771a2a1d8c171e3a9821438f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
ExitProcess
GetCommandLineA
OutputDebugStringA
GetStartupInfoA
lstrcmpA
CloseHandle
lstrlenA
OutputDebugStringW
Sleep

user32

UpdateWindow
CreateMenu
MessageBoxA
PostQuitMessage
CreateWindowExA
InsertMenuA
CallWindowProcA
DialogBoxParamA
LoadMenuA

gdi32

SelectObject
GetFontData
DeleteDC
DeleteObject
CreateDCA
CreateCompatibleDC
TextOutA
SelectPalette
PolyTextOutA
BitBlt

comdlg32

ChooseFontA
GetSaveFileNameA

shell32

SHGetFileInfoA

ole32

CoInitialize
CoCreateInstance

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ