dcc5780d852e49f668ca724b30690d76_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dcc5780d852e49f668ca724b30690d76_JaffaCakes118
Size

18KB
MD5

dcc5780d852e49f668ca724b30690d76
SHA1

e8a938524c611ca85ca79126e1cfde6fad307332
SHA256

7d3bd058d22621f3b2a8dd1e4db7569318847deab5f03fd521650b8d41f947c8
SHA512

7ae24761241bf16da7264c6ecd0af0bd35eb260b95dc1fabd06fdfd924f85479dae67270916f7c6400098e395b29c88041b93ddd6ff42775a4bd59d235fc85f1
SSDEEP

192:b3NzTWYKrX/+3YA9s74f4aHDDaiUnmg+hCUiNS4tDKIdU3rOvWt6m66h6EfJ:BC7rX/+3k452itreS4tUrRtR66DR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dcc5780d852e49f668ca724b30690d76_JaffaCakes118

Files

dcc5780d852e49f668ca724b30690d76_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5744c6594ba65d3d335ed1ba0a6388a1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExA
GetEnvironmentStringsA
GetModuleHandleA
HeapDestroy
CreateThread
GetCurrentProcessId
GetCurrentProcess
GetACP
DeleteAtom
VirtualProtect
GetLogicalDrives
CreateFileMappingA
GetThreadPriority
InterlockedExchange
CreateHardLinkA
GetCurrentThread
GetCommConfig
GetStdHandle
GetTimeFormatA
HeapCreate
IsDebuggerPresent

user32

DragDetect
GetFocus
SetActiveWindow
GetDlgItem
FrameRect
GetWindowTextLengthA
ReleaseDC
SetForegroundWindow
BeginPaint
ShowWindow
DrawTextA
GetTitleBarInfo
GetClassNameA
GetParent
wsprintfA
EndPaint
FillRect
GetCursorPos
GetWindow

advapi32

RegCloseKey
RegCreateKeyA
RegFlushKey
RegQueryInfoKeyA
RegEnumKeyA

clbcatq

CoRegCleanup

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ