081933f6e741abc2e1be6db904bb0096_JaffaCakes118 | Triage

Sharing

General

Target

081933f6e741abc2e1be6db904bb0096_JaffaCakes118
Size

286KB
MD5

081933f6e741abc2e1be6db904bb0096
SHA1

05b3cf3e672cb8bfcce35fb968ae47b98810b729
SHA256

6ddfbb99bff729b99607978de8abc94507470babd1dcc78ebe51af46e6066f53
SHA512

2d8621d6429c5a056486eb3ec7b70ce6a7c7066c14741ff43f6a9cbb13d7b747266148aa3a7704d2e0346b513a7eb7f6b8a8ab4050c51cac50a943baa7c553b7
SSDEEP

6144:++YrqYqRr9wMYCmp7jv6M3tZrSAsWp/GIGQM5j+X/rZq/nZK:+rqYw9pY9Xv6M/rDsUbM5+Dw/nZK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
081933f6e741abc2e1be6db904bb0096_JaffaCakes118

Files

081933f6e741abc2e1be6db904bb0096_JaffaCakes118
.exe windows:4 windows x86 arch:x86

72a022d69e7228586d5c38dfa337c50d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProfileIntA
GetConsoleCP
GetVersion
GetModuleHandleA
GetStdHandle
VirtualProtect
HeapWalk
CloseHandle
FindAtomA
TlsFree
TlsGetValue
CompareFileTime
LoadLibraryA
WaitForSingleObject
lstrlenA
InterlockedExchange
GetAtomNameA
GetTickCount
GetACP
HeapReAlloc
GlobalUnlock

user32

GetDlgItem
PostMessageA
InsertMenuA
PaintDesktop
SetPropA
MessageBoxA
GetKeyboardLayout
PostQuitMessage
EqualRect
SubtractRect
CopyRect
GetScrollRange
DispatchMessageA
ModifyMenuA
SetWindowPos
DialogBoxParamA
LoadIconA
InflateRect
EnableScrollBar
TranslateMessage
GetWindowTextA
CreateCaret
UpdateWindow
ShowWindow
GetMenuStringA
GetMenu
DestroyMenu

msi

MsiEnumProductsA
MsiGetMode
MsiDoActionA
MsiEnumClientsA
MsiCloseHandle

clbcatq

CoRegCleanup

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 640KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ