Static task: static1
Behavioral task: behavioral1
Sample: 04b6c39cb9116c2471d8472b372511cd_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 04b6c39cb9116c2471d8472b372511cd_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 04b6c39cb9116c2471d8472b372511cd_JaffaCakes118
Size: 838KB
MD5: 04b6c39cb9116c2471d8472b372511cd
SHA1: 826992596b89b5107cb5aed1013da3d50c522a25
SHA256: e790fc0ef11835e2498dd0c8a99a96194eb00ecf8755d4958846d9bb325ec959
SHA512: 4a05281365167f1ed4f6a23e476e309f8a962ca525286816b3510cf2b69072bc9ea7b94f1f57c03fdb2aec1bf99c7d7cd991d22b4973c4af4a6a7a5c86022455
SSDEEP: 24576:R49AHoj8hIFVDPdk59CYx0AcP+ZbVJdnqXr8M:R42RIjTGGYfHdVJRf
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 04b6c39cb9116c2471d8472b372511cd_JaffaCakes118
Files
04b6c39cb9116c2471d8472b372511cd_JaffaCakes118.exe windows:4 windows x86 arch:x86
d4459334fb19da76251d237a9aeb6abe
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetComputerNameA
LocalFree
lstrlenA
UnmapViewOfFile
PulseEvent
CreateThread
SetEvent
SetLastError
Sleep
CreateFileA
CreateProcessA
HeapCreate
GetCurrentDirectoryA
LocalUnlock
GetTickCount
GetModuleHandleA
GetSystemTime
LoadLibraryExA
GetCommandLineW
CloseHandle
user32
CheckRadioButton
SetFocus
DrawEdge
DispatchMessageA
CreateWindowExA
IsWindow
GetScrollBarInfo
GetKeyState
DrawMenuBar
FillRect
GetDC
CallWindowProcA
GetDlgItem
clbcatq
SetupOpen
ComPlusMigrate
SetSetupSave
DllGetClassObject
CheckMemoryGates
inetcpl.cpl
OpenFontsDialog
Sections
.text Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 2.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE