035d74693b2586d5cd4f8a50cd151568_JaffaCakes118 | Triage

Sharing

General

Target

035d74693b2586d5cd4f8a50cd151568_JaffaCakes118
Size

66KB
MD5

035d74693b2586d5cd4f8a50cd151568
SHA1

114f7c138f22915090a88ec1a900621ed832d0db
SHA256

251476cbfee3f00a6531398de5c8fd512b00c5c9d3cc4ba5d072f124453a631e
SHA512

45f97d4b2dfae3e2fa3eaa095c8bbcba648827dd2ccbb62c9119c8ee7136eab682ab7d7c5b90b3087c34457837c77d6f71f910390eaab0c5116d173dd1d66fc7
SSDEEP

384:puqo9Bl0uuBLutbA4rjsWVjbeGDdamJClleaGylF6wB0RwGWm6CimkZR55yyn0:gqo9bnlfJzQ3eapNtmNwL55ys0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
035d74693b2586d5cd4f8a50cd151568_JaffaCakes118

Files

035d74693b2586d5cd4f8a50cd151568_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8f0a22229f26e8382936d3afadd8fe15

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
lstrlenA
ExitProcess
WriteFile
GetStdHandle
lstrcatA
GetCommandLineA
SetConsoleDisplayMode
GetVersionExA
WideCharToMultiByte
Sleep
SetConsoleTitleA
GetCurrentProcessId
GetTickCount
HeapAlloc
CloseHandle
TerminateProcess
OpenProcess
CreateProcessA
HeapReAlloc
HeapFree
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
RtlUnwind
lstrcpyA
lstrcmpiA
GetConsoleTitleA
lstrcmpA

user32

GetParent
GetWindow
GetWindowLongA
IsWindow
GetForegroundWindow
SetForegroundWindow
SystemParametersInfoA
ShowWindowAsync
GetWindowRect
SetWindowTextA
MoveWindow
SetWindowPos
GetWindowThreadProcessId
GetWindowTextLengthA
GetWindowTextA
GetClassNameA
EnableWindow
ScreenToClient
GetDesktopWindow
EnumWindows
wsprintfA
wvsprintfA
FindWindowA
PostMessageA
EnumChildWindows

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

shell32

ShellExecuteA

Sections

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ