f3131ea388ca86c566a14f20bb403841_JaffaCakes118 | Triage

Sharing

General

Target

f3131ea388ca86c566a14f20bb403841_JaffaCakes118
Size

122KB
MD5

f3131ea388ca86c566a14f20bb403841
SHA1

0031c01a2f8c8df8832fc67c3bd2a6ac18acb2d6
SHA256

fe6c64e1fbe21b2b0507f76121045ebfffa9c1007f2cfaa97bc46e699f55b2ad
SHA512

a2c8ad586b3ed66ec05bacacff830710a6b35c1966db6a61906d69297570f3d573252385be831ce25059eda252daddbb7605f657abc3114591c0230d619380ab
SSDEEP

3072:8sSZUJnF1Rrv20d1zbkXP2c8AaBDkLPxOtU4TxH:8syUJnF1RLtfBSLPx2B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f3131ea388ca86c566a14f20bb403841_JaffaCakes118

Files

f3131ea388ca86c566a14f20bb403841_JaffaCakes118
.exe windows:5 windows x86 arch:x86

054bd550ba12c4cde561439ff1caeeab

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EndDialog
EnumDesktopsW
GetMenuCheckMarkDimensions
SetWindowPos
ValidateRect
SetWindowTextA
DialogBoxParamA
OemKeyScan
GetActiveWindow
SetPropA

ole32

OleLockRunning
CoFreeLibrary
CreateAntiMoniker

kernel32

GetCurrentThreadId
CopyFileW
CreateProcessW
SetFileAttributesA
GetStartupInfoA
SizeofResource
HeapDestroy
GetAtomNameA
HeapCreate
LocalAlloc
FindAtomW
LocalFree
AddAtomA
GetModuleHandleW
GetProcAddress
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId

Sections

.text
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ