fe1b0d2dd1c56f0f6e0a48c1192e4477_JaffaCakes118 | Triage

Sharing

General

Target

fe1b0d2dd1c56f0f6e0a48c1192e4477_JaffaCakes118
Size

203KB
MD5

fe1b0d2dd1c56f0f6e0a48c1192e4477
SHA1

6b677d631aad3b6506209c6d3261c8954877e44e
SHA256

23e95008a35961db68a61cc1fd3de41cbfc21fcf0ba152399a03822e112e9ca1
SHA512

657bfcc8b6ebff894f5082b803d16fa0703552fd1bd31bd9ba71bb840e95875337c3fa24466e9d16f9fa6ee5340df571a3f1be24cfaa64ebb6254e4b39b287d7
SSDEEP

6144:Pmc5IX595hfgJyThYzvboOfWzUJtDaypj0tZe:Pmc5m5BGKhYzboOfWgjpjoe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe1b0d2dd1c56f0f6e0a48c1192e4477_JaffaCakes118

Files

fe1b0d2dd1c56f0f6e0a48c1192e4477_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7645bdccef69b38f2dc3831ea61a81e0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
SuspendThread
WaitForSingleObject
InterlockedExchange
CompareFileTime
VirtualProtect
CloseHandle
GetAtomNameA
GetVersion
GetTickCount
GlobalUnlock
GetStdHandle
GetCommandLineA
GetSystemDefaultLangID
SetConsoleCP
HeapCreate
HeapReAlloc
lstrlenA
WaitForMultipleObjects
GetConsoleCP
LoadLibraryExA

user32

DragObject
CreateIcon
GetDlgItem
CopyImage
GetCursorInfo
IsDialogMessage
SetScrollInfo
GetKeyState
DispatchMessageA
InsertMenuA
DrawCaption
InvertRect
GetKeyboardLayout
FindWindowA
FillRect
SetWindowPos
EnableScrollBar
SetPropA
DialogBoxParamA
CreateMenu
DestroyMenu

advapi32

RegQueryInfoKeyA
RegCloseKey
RegEnumValueA
RegEnumKeyA
RegCreateKeyExA

apphelp

ApphelpCheckExe

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 804KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ