dab600209575f6ec852f15d1be766943_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dab600209575f6ec852f15d1be766943_JaffaCakes118
Size

299KB
MD5

dab600209575f6ec852f15d1be766943
SHA1

f5b4b2c15d25c8541093f3ff03e07786c2d41aea
SHA256

2ab4109183484a0f7b411de5a57f5f3947005e47d8b2310b63340a36aa894a6e
SHA512

b69f6205fa6697704e62322cac9fedf6f2cd748686a4410165e8b9d77738b98d99bec49dec95fd73f5c82362e420ec3c70c81542f014050d847ff19a1e773dbf
SSDEEP

6144:iI0dy+Lj3rHByqPYjm1xPbp2KLeuxfYQGWfBqAiPhpVtjvIwih0CApzgb:iI01TByqACjPNPHYzW9+VVv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dab600209575f6ec852f15d1be766943_JaffaCakes118

Files

dab600209575f6ec852f15d1be766943_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fe43c0b02ed0aa1ed0143ab255c8ed57

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
CloseHandle
GetComputerNameA
GetModuleHandleA
SetEvent
GetSystemTime
CreateFileA
GetCommandLineW
SetLastError
LocalUnlock
UnmapViewOfFile
GetConsoleTitleA
CreateThread
GetCurrentDirectoryA
GetTickCount
Sleep
PulseEvent
HeapCreate
LocalFree
LoadLibraryW

user32

FillRect
CheckRadioButton
DrawEdge
IsWindow
GetKeyState
GetDlgItem
GetDC
DrawMenuBar
GetScrollBarInfo
CallWindowProcA
SetFocus
CreateWindowExA
DispatchMessageA

clbcatq

SetupOpen
DowngradeAPL
CheckMemoryGates
UpdateFromAppChange
SetSetupOpen

desk.cpl

InstallScreenSaver

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 628KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ