f6805f3113963e9c93bf241c2845a839_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f6805f3113963e9c93bf241c2845a839_JaffaCakes118
Size

369KB
MD5

f6805f3113963e9c93bf241c2845a839
SHA1

0075aa60a80ebd28348e7ae1917239375df20445
SHA256

6fc4fd7b75a32aa453df2fa88d92697aaaac6654951ed51edb36753fae9d6aee
SHA512

779a0e585e0fc53e39a2f86a638b96cfa337d5de7b99b8ce93ce5e96a34406e7a297180d9a618d30f747ea9b7029fc5c80abdad25a9877f015fd5bc7f0a22152
SSDEEP

6144:y5bfUqol32GmCwt3Ncm1pR2tVAdNqDMYD6k6F1+B8yzxmnvwlKfHuR:YjUbdA3NcGutVAdEDMFhFeEnvwS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f6805f3113963e9c93bf241c2845a839_JaffaCakes118

Files

f6805f3113963e9c93bf241c2845a839_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e4766fa2788ee1d58436211f3165f4cf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
CreateFileW
UnmapViewOfFile
lstrcpyA
HeapCreate
CreateThread
GlobalUnlock
GetSystemTime
LocalFree
PulseEvent
GetCurrentDirectoryA
lstrlenA
CloseHandle
LoadLibraryW
FindClose
ResetEvent
GetComputerNameA
Sleep
GetCommandLineW
GetTickCount

user32

CheckRadioButton
IsWindow
GetScrollBarInfo
SetFocus
DispatchMessageA
GetKeyState
CallWindowProcA
GetDC
GetDlgItem
FillRect
DrawEdge
DrawMenuBar
CreateWindowExA

cryptui

CryptUIDlgSelectStoreA
LocalEnroll
CryptUIDlgSelectCA
CryptUIDlgCertMgr
WizardFree

timedate.cpl

CPlApplet

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 764KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ