1044833b4caf58c206ca66fab373c5b8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1044833b4caf58c206ca66fab373c5b8_JaffaCakes118
Size

637KB
MD5

1044833b4caf58c206ca66fab373c5b8
SHA1

11f689e075f21c2de079bf3513edca6647896341
SHA256

bba1a816f44b6ae64991bfde9fe47731748dcd98315324eeb0ceb40b7086149f
SHA512

95b37b7350d70b71b27c1fdccfe2104faa13c03dbd03698fdd3150393bef4c20b231f92e5eacc08f87ce93a08e11c42c97cf4763efcb8b71e514f311b075a1f2
SSDEEP

12288:XGzKTBwOoP9oO6ZQTjwbkJPyXpJmuIwFPzk605Aky+oklRfg1JOpA0zvZ3:XuoGPyRQXkkJaXrmu05Ak6MRoXyhB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1044833b4caf58c206ca66fab373c5b8_JaffaCakes118

Files

1044833b4caf58c206ca66fab373c5b8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7c3af472b6aa711db9f9c6c8ddccba05

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedExchange
GetACP
GetProfileIntA
CloseHandle
TlsGetValue
GlobalUnlock
WaitForSingleObject
lstrlenA
VirtualProtect
GetAtomNameA
TlsFree
GetTickCount
CompareFileTime
GetConsoleCP
FindAtomA
HeapReAlloc
LoadLibraryA
GetVersion
GetStdHandle
HeapWalk
GetModuleHandleA

user32

DestroyMenu
UpdateWindow
PostMessageA
DispatchMessageA
GetWindowTextA
EnableScrollBar
CopyRect
DialogBoxParamA
GetMenu
ShowWindow
GetDlgItem
GetMenuStringA
InflateRect
LoadIconA
TranslateMessage
GetKeyboardLayout
SubtractRect
GetSubMenu
GetScrollRange
PostQuitMessage
EqualRect
InsertMenuA
PaintDesktop
SetPropA
SetWindowPos
MessageBoxA
ModifyMenuA
CreateCaret

msi

MsiGetMode
MsiDoActionA
MsiEnumProductsA
MsiEnumClientsA
MsiCloseHandle

uxtheme

GetThemeBool

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ