0435862df8dcc9b62f7ac9f5abd63605_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0435862df8dcc9b62f7ac9f5abd63605_JaffaCakes118
Size

330KB
MD5

0435862df8dcc9b62f7ac9f5abd63605
SHA1

1a33738ea5745b8a95233e90dac02276afba9bc2
SHA256

66b6e08e8f5fd9761bfc78fb2bbe0e50f8778965477b8d37fba62155bc669317
SHA512

91339896e8ac24b1df862bc81ce1ea1d743e35ff0d3b11675ff93540398f1f5b31d93f4fa67c6a56c532f1f60c05e0f729db6e9d500d760e06a1417c5c7cc06e
SSDEEP

6144:AGzkC3EKDpjNglMCRxcvTU5+bdP7mcDCGgUAYpfW8TEMqkWwt:fzPDpcMC4TPqcGGBAIJj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0435862df8dcc9b62f7ac9f5abd63605_JaffaCakes118

Files

0435862df8dcc9b62f7ac9f5abd63605_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3f8fce6d0f4f24b938ec3551c62286ab

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
CloseHandle
DeleteCriticalSection
OpenMutexA
SetEvent
GetVersionExW
CreateThread
SearchPathA
GetTickCount
FindClose
ReleaseMutex
lstrlenA
FindAtomA
TlsGetValue
FindResourceExA
Sleep
GetModuleHandleA
GetLastError
VirtualProtect
CreateMutexA

user32

DragDetect
GetMessageA
IsIconic
DialogBoxParamA
CopyImage
CreateWindowExA
EnableWindow
FlashWindow
DispatchMessageA
CloseWindow
EndDialog
CreateMenu
GetKeyState
EqualRect

loghours

DialinHoursDialog
LogonScheduleDialog
DialinHoursDialogEx
DirSyncScheduleDialogEx
DirSyncScheduleDialog

advapi32

RegCloseKey

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ