f711cf94220eaa154a9d022b79cd70fa_JaffaCakes118 | Triage

Sharing

General

Target

f711cf94220eaa154a9d022b79cd70fa_JaffaCakes118
Size

716KB
MD5

f711cf94220eaa154a9d022b79cd70fa
SHA1

1d974e0d50f01a148667962e9b7c5a04ab33cb9e
SHA256

d1fd8193fc844fbcdd6ecdf366d06bd81bf9c30fdb3d8a7b1ca70d8e4bedd435
SHA512

2c460e5233bc5c8b7794708a7581effdc5c8542fcd2c455bc0bcbe90e340678b902c5868b35ab5e63fda139789e9aea54639078e103c346624a5c398275a60a1
SSDEEP

12288:IOa1Z+qy4PhuBWAm1KL1aFZZWBnmdEEG2dh8qSNxkqJQFbxI+C5z1/ScJL:IOMciPwMBFZwn9Efh8BLkkQFK+y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f711cf94220eaa154a9d022b79cd70fa_JaffaCakes118

Files

f711cf94220eaa154a9d022b79cd70fa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6172e24f4351bdbe3545f0419db323cb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
lstrlenA
VirtualProtect
SetEvent
GetSystemTime
InterlockedExchange
GlobalFlags
AddAtomA
GetLocalTime
CloseHandle
FreeConsole
HeapReAlloc
TlsFree
GetTickCount
PulseEvent
GetACP
FindResourceExA
ExitProcess
LoadLibraryW
GetVersion
GetBinaryTypeA

user32

DialogBoxParamA
ScrollDC
SetWindowPos
ShowWindow
GetWindowLongA
DispatchMessageA
InflateRect
GetWindowTextA
EnableScrollBar
GetScrollRange
CopyRect
DestroyMenu
GetMenuStringA
MessageBoxA
PostQuitMessage
EqualRect
GetKeyboardLayout
PostMessageA
TranslateMessage
GetSubMenu
UpdateWindow
LoadIconA
ModifyMenuA
SetSysColors
GetMenu
SetPropA
InsertMenuA
GetDlgItem
GetParent

shlwapi

UrlHashA
UrlCombineA
StrToIntA
StrToIntExA
StrTrimA

clbcatq

CoRegCleanup

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ