d9c957c0bdb31248484a773ca55bc077_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d9c957c0bdb31248484a773ca55bc077_JaffaCakes118
Size

717KB
MD5

d9c957c0bdb31248484a773ca55bc077
SHA1

e38ce17284271c4ab03fa33fd0859f42812bd746
SHA256

cdcfd073ab40a99f62eedd70b27af218257f9bca2dcd68b379d4fc7e743244e8
SHA512

b07a4a73b88d60cf4032b859922fc7bde8c2338995477a3d2dccb6c5e9ac293966901775e85beab41fa8d88243ac39f22651d71ff2084518b0d6aa6b51f9b87d
SSDEEP

12288:zUqxSEDT5n4GhQn8LnzB4XG0wBtuycNTpvWLQ8c9GwtW8rsxyC3fpQ:vkyTyxnSN4XG00tsL+LQ8cswQwsYC3hQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d9c957c0bdb31248484a773ca55bc077_JaffaCakes118

Files

d9c957c0bdb31248484a773ca55bc077_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9306c79aad42eb2c8696ebfd1812a52d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
CompareFileTime
FindAtomA
ResetEvent
LoadLibraryExA
GetAtomNameA
TlsFree
HeapReAlloc
WaitForSingleObject
GlobalUnlock
CloseHandle
GetConsoleCP
HeapWalk
InterlockedExchange
GetModuleHandleA
GetTickCount
GetProfileIntA
VirtualProtect
GetVersion
SetEvent
GetACP

user32

GetKeyboardLayout
SetSysColors
GetSubMenu
InsertMenuA
GetDlgItem
ShowWindow
GetScrollRange
PostMessageA
GetMenu
DestroyMenu
LoadIconA
ModifyMenuA
TranslateMessage
InflateRect
DispatchMessageA
MessageBoxA
PostQuitMessage
GetParent
GetWindowTextA
SetWindowPos
EqualRect
UpdateWindow
GetMenuStringA
GetWindowLongA
SetPropA
CopyRect
ScrollDC
EnableScrollBar
DialogBoxParamA

msi

MsiEnumClientsA
MsiGetMode
MsiDoActionA
MsiEnumProductsA
MsiCloseHandle

uxtheme

GetThemeBool

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ