Static task
static1
Behavioral task
behavioral1
Sample
da2dab7855bbfb42d772ba5ea67fb451_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
da2dab7855bbfb42d772ba5ea67fb451_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target: da2dab7855bbfb42d772ba5ea67fb451_JaffaCakes118
Size: 56KB
MD5: da2dab7855bbfb42d772ba5ea67fb451
SHA1: 062ab92aff52abb26c326a635cb12b771f6cd442
SHA256: 2d30e2431e97190b2b5bb09d06b5cabeebf2e6a92a11bc9dbcacb23873286760
SHA512: d515320a2feae661cf07dfed16b2cf95eff0a26cf2c3ec0a439f1db40576ff5eed17e185ccc52b4396437224fede4703d71c313f2c36dda38cdc4413271a3698
SSDEEP: 1536:WVx4Jq1skL81gC4WFWQI3oLhblP2JiRMm8q6qWqH:k40sJQESqz
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource da2dab7855bbfb42d772ba5ea67fb451_JaffaCakes118
Files
da2dab7855bbfb42d772ba5ea67fb451_JaffaCakes118.exe windows:5 windows x86 arch:x86
4bec8c9e0cbe15fe62d9e232998a051f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetSystemTime
lstrlenA
GetTempPathA
lstrcpyA
FindAtomA
GetVersion
GetTickCount
CloseHandle
WriteFile
CreateFileA
lstrcatA
lstrcpynA
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
GetLastError
LoadLibraryA
GetTempFileNameA
CreateMutexA
OpenMutexA
ExitProcess
lstrcmpA
GetLocalTime
GetCommandLineA
RtlUnwind
VirtualQuery
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
user32
wsprintfA
EqualRect
GetCursorPos
GetFocus
GetWindowRect
ClientToScreen
InflateRect
GetCaretPos
IsWindowVisible
shlwapi
SHGetValueA
Sections
.text Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 40KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE