0555ef10b04dbc6a715c85dedb377c90_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0555ef10b04dbc6a715c85dedb377c90_JaffaCakes118
Size

181KB
MD5

0555ef10b04dbc6a715c85dedb377c90
SHA1

4bb0986ba5d33703d201e9d863be6ef6d231a01b
SHA256

a60378eb849d3deb6ca92e39c70e2ade1b6290ae5625ebac0797b38a4124f2a6
SHA512

0bf93a75d5f0eee8a72e5a3628fcea043172b2422947c9a7503016ea3e249e60738420ee8d644af38dad8caf31715a1a0e50dcb7c4234571820ca24768f354e8
SSDEEP

3072:1QibKEj6DqhXV1dv9RBUf5SjCKkjdMykFuIuY/cXeMdDGjwOTLW2vU0Fk:1nQ6jv/BUnjdMFFcuHMdxqf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0555ef10b04dbc6a715c85dedb377c90_JaffaCakes118

Files

0555ef10b04dbc6a715c85dedb377c90_JaffaCakes118
.exe windows:4 windows x86 arch:x86

27efa539f0ad9a78d835385980ff30b3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetConsoleCP
GlobalUnlock
SuspendThread
WaitForSingleObject
GetModuleHandleA
LoadLibraryExA
lstrlenA
HeapReAlloc
HeapCreate
GetVersion
GetSystemDefaultLangID
GetCommandLineA
WaitForMultipleObjects
CompareFileTime
InterlockedExchange
GetTickCount
CloseHandle
GetStdHandle
GetConsoleCP
GetAtomNameA
VirtualProtect

user32

SetWindowPos
CreateIcon
GetDlgItem
CreateMenu
InsertMenuA
FindWindowA
DestroyMenu
IsDialogMessage
InvertRect
FillRect
EnableScrollBar
GetCursorInfo
SetScrollInfo
CopyImage
GetKeyboardLayout
DrawCaption
DialogBoxParamA
SetPropA
GetKeyState
CreateCursor
DispatchMessageA
DragObject

advapi32

RegEnumValueA
RegQueryInfoKeyA
RegEnumKeyA
RegCloseKey
RegCreateKeyExA

uxtheme

GetThemeColor

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 156KB - Virtual size: 476KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 324KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ