03bfb7f729a500a3ae0f66fa2a5af469_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

03bfb7f729a500a3ae0f66fa2a5af469_JaffaCakes118
Size

784KB
MD5

03bfb7f729a500a3ae0f66fa2a5af469
SHA1

2322a616f99fa1ef3f4ead49241e30110db21861
SHA256

4151b6ba5f6c6f83e2199e054c04e55c0d36fc2896bfd489009e0f5a9c6f5086
SHA512

aa70393b70db2decee5b5fb57e2bcd86bad770628888073e9bbb46437157f12951851fa19d6fbb073142707c0281f748db00ee74ab7bae21209096f2979b47a7
SSDEEP

12288:YwRMIfWbqRB95hrOAiApP6WmdIUgJMM14jfETaU4H+1m5ms6Xp3VzEJhx0O:fRMIHRf5hrCAp6WmKWl4TaU8+1mUDa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03bfb7f729a500a3ae0f66fa2a5af469_JaffaCakes118

Files

03bfb7f729a500a3ae0f66fa2a5af469_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0ae89942ebb4a19cf22ca7dd3e8985de

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryW
GetPrivateProfileStringA
FindClose
GetFileTime
GetDriveTypeA
CreateEventW
WriteFile
LocalFree
GetEnvironmentVariableW
IsBadStringPtrW
CloseHandle
lstrlenW
InitializeCriticalSection
GlobalFlags
ReleaseMutex
HeapCreate
GetCurrentProcessId
GlobalFree
ReleaseMutex
GetCurrentThreadId

user32

CallWindowProcW
GetSysColor
SetFocus
GetKeyboardType
IsWindow
GetClassInfoA
GetSysColor
EndDialog
CreateWindowExA
DispatchMessageA
DrawTextA
DrawStateW
GetClientRect

pnrpnsp

NSPStartup
NSPStartup
NSPStartup
NSPStartup
NSPStartup

advapi32

InitializeSid

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 774KB - Virtual size: 773KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ