f550f29ae39a4bb6831bcbf2c3bf985f_JaffaCakes118 | Triage

Sharing

General

Target

f550f29ae39a4bb6831bcbf2c3bf985f_JaffaCakes118
Size

78KB
MD5

f550f29ae39a4bb6831bcbf2c3bf985f
SHA1

284db7b0efa0365dd33c4acf1e894bc5a5b1451a
SHA256

50bf6ff558c264d627d0744d2e51d5de88e3092e7f4e4f371fc82883aacc1fdc
SHA512

b94dbfcc6b5b917585e712ed51e5f2451e6fe8ef40c93aeb7cfa8a0abdb63258ea76e26eb049c2823923382684cce64545e864682e481df6569d1b2d696e6e5a
SSDEEP

1536:z/F3eoceVCwIA8q1zIUOu0icDIWVV34dPIo9446S:rYUIApzOkkVWdrq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f550f29ae39a4bb6831bcbf2c3bf985f_JaffaCakes118

Files

f550f29ae39a4bb6831bcbf2c3bf985f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4b5d662ef5b437fd1018e971d10fb094

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

wvnsprintfA
StrStrIA

kernel32

FindResourceA
OpenFile
lstrlenA
HeapAlloc
GetProcessHeap
WriteFile
OpenProcess
GlobalAlloc
Sleep
GetFileAttributesA
lstrcatA
GlobalUnlock
lstrcmpiA
CreateFileA
GetPrivateProfileStringA
LoadLibraryA
OpenThread
OpenEventA
Module32FirstW
GetModuleFileNameA
ExitProcess
lstrcmpiW
GetModuleHandleA
lstrcatW
OpenFileMappingW
WriteProfileStringW
CreateToolhelp32Snapshot
OpenSemaphoreW
Module32NextW
CloseHandle
lstrcpyA
QueueUserAPC
WriteProfileStringA

user32

LoadCursorW
RegisterClassExW
ShowWindow
CreateWindowExW
DefWindowProcW

advapi32

OpenThreadToken

shell32

SHGetSpecialFolderPathA

ole32

CoCreateGuid

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 524B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ