Static task: static1
Behavioral task: behavioral1
Sample: d90772cad31a0ce88d0bf2c623b295de_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: d90772cad31a0ce88d0bf2c623b295de_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: d90772cad31a0ce88d0bf2c623b295de_JaffaCakes118
Size: 272KB
MD5: d90772cad31a0ce88d0bf2c623b295de
SHA1: 3309ed44deae3592bb9bf0acf3306faecd658ae6
SHA256: 1e250895a6f6259841de0aa6a237ff6f442b2486b669d19d87958e70e7dab725
SHA512: bdc92bbfbd794242770b5a84aa633e1e1798b43ba9947dcb4b0b4a761e4f09a728d5b0ad76c6544b84579d9b57dd22d2835ac35da39ffe84d0caf9320a33b53f
SSDEEP: 6144:FnZ8fURX43brkU65X++d0gRBqELqj2TOEnsu6khzv:zrRXgbhKOM0gLq8q9Ensu6g
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d90772cad31a0ce88d0bf2c623b295de_JaffaCakes118
Files
d90772cad31a0ce88d0bf2c623b295de_JaffaCakes118.exe windows:4 windows x86 arch:x86
f341610d86382f1e9f4ea1dff106dfd4
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
    QueryPerformanceCounter
    HeapFree
    SetLastError
    GetSystemTimeAsFileTime
    GetCurrentProcessId
    TlsAlloc
    HeapReAlloc
    HeapAlloc
    EnumSystemLanguageGroupsW
    HeapCreate
    VirtualAlloc
    VirtualFree
    VirtualQuery
    GetWriteWatch
    IsBadWritePtr
    HeapDestroy
    TlsFree
shell32
    SHGetMalloc
    SHChangeNotify
    SHGetPathFromIDListW
oleacc
    CreateStdAccessibleObject
    AccessibleChildren
winmm
    mciSendCommandA
shlwapi
    PathAddBackslashW
user32
    SetWindowTextA
    LoadImageA
    GetDlgItem
    LoadStringA
    CreateWindowExA
    DestroyIcon
    GetWindow
    GetParent
Sections
.text Size: 70KB - Virtual size: 69KB
    IMAGE_SCN_CNT_CODE
    IMAGE_SCN_MEM_EXECUTE
    IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 137KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
.data Size: 199KB - Virtual size: 199KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ