dd233506d4868f89783263d13eb4ed67_JaffaCakes118 | Triage

Sharing

General

Target

dd233506d4868f89783263d13eb4ed67_JaffaCakes118
Size

373KB
MD5

dd233506d4868f89783263d13eb4ed67
SHA1

438f986fd8499e53d7f1fe1c83660f3f07acf7d9
SHA256

af585a32534dcaa00eb474e52e3d8cbe24d9264634e6ea3ffdb745ceecb1415f
SHA512

8d650291f5891231464667b55e9961fd064777ca0e346fa1300d8ba7f5a658b33612bb1ff8682cae8dbf8911cf3b2069897600badcb0a74efee7522c1b9cbb57
SSDEEP

6144:d3U+0zNqw9nn/wVJBYtp/hQVUv59vBw1TWu9PJjCp8dDg:8ZIH0JFvf0pJa4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dd233506d4868f89783263d13eb4ed67_JaffaCakes118

Files

dd233506d4868f89783263d13eb4ed67_JaffaCakes118
.exe windows:4 windows x86 arch:x86

65aa73b7fc546bb5a70cb4d816f231c4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
FindClose
HeapCreate
CloseHandle
lstrlenA
ResetEvent
PulseEvent
GetCommandLineW
GetCurrentDirectoryA
GetSystemTime
LoadLibraryW
GetModuleHandleA
CreateFileW
GlobalUnlock
LocalFree
GetComputerNameA
lstrcpyA
Sleep
CreateThread
UnmapViewOfFile

user32

CreateIcon
SetFocus
IsWindow
DispatchMessageA
CreateWindowExA
CheckRadioButton
GetCaretPos
DrawEdge
GetDlgItem
GetDC
DrawMenuBar
FillRect
CallWindowProcA

cryptui

LocalEnroll
CryptUIDlgCertMgr
WizardFree
CryptUIDlgSelectStoreA
CryptUIDlgSelectCA

appwiz.cpl

ConfigStartMenu

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 299KB - Virtual size: 300KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ