ddfe0c37baba94c3ce151eb29bb2ca35_JaffaCakes118 | Triage

Sharing

General

Target

ddfe0c37baba94c3ce151eb29bb2ca35_JaffaCakes118
Size

328KB
MD5

ddfe0c37baba94c3ce151eb29bb2ca35
SHA1

d6786a01718d8b1a7e659afb562a3b57e6e804b4
SHA256

d60c07309ea65c2604f3651ae179ea89dec690399af304cf4320f8765fb4cb15
SHA512

79610cd2a38af4b89313940b9f6ea0a540673bd7aeb8c52a7009ee5e7a287cae0d82022a8be592c2a5e6d14b84b33f38246b3376906ce69d08be7f5d5e4ef5b6
SSDEEP

6144:KAK8PwjNi1eM3OcQ7C5ytkvG6hQOAtEiWSbj8Tg9tyE7ejCd4acj:j9Y5ioSsC5+BIK4Tg9EEigRcj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ddfe0c37baba94c3ce151eb29bb2ca35_JaffaCakes118

Files

ddfe0c37baba94c3ce151eb29bb2ca35_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a550969c8fd262dd210ecba62c3878ba

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
Sleep
GetSystemTime
CloseHandle
LocalFree
HeapCreate
PulseEvent
LocalUnlock
LoadLibraryW
GetModuleHandleA
CreateFileA
lstrlenA
GetComputerNameA
SetEvent
SetLastError
GetCommandLineW
GetTickCount
UnmapViewOfFile
GetCurrentDirectoryA
GetConsoleTitleA

user32

SetFocus
GetDlgItem
FillRect
IsWindow
DrawMenuBar
DispatchMessageA
CheckRadioButton
GetDC
CreateWindowExA
DrawEdge
GetScrollBarInfo
GetKeyState
CallWindowProcA

clbcatq

SetSetupOpen
CheckMemoryGates
SetupOpen
UpdateFromAppChange
DowngradeAPL

desk.cpl

InstallScreenSaver

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 732KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ