1147f9ab92c4003e01c8b6e04eaf8eab_JaffaCakes118 | Triage

Sharing

General

Target

1147f9ab92c4003e01c8b6e04eaf8eab_JaffaCakes118
Size

50KB
MD5

1147f9ab92c4003e01c8b6e04eaf8eab
SHA1

8df3aaaaeb38666462f4ca2aa04c81f6038be941
SHA256

b2de8754b3f1f4650d55dd1c8a27eada8467e18c32d915474f7cac02b02cc85f
SHA512

63886c08e7a72e5b7e2f1190d8e01ddebec07ed4160cd0b48aabd62c56937a4a713599d4cee7163ebaaf8e0e844fcd79bd94ccbe692b268c7338783011e3da1b
SSDEEP

768:Ps6A48uP8YytJZaFlVzynZoZo4TvyK4jpZjNHw+1IhxMWZ9lTZZ8tLBs5tc6Eq2j:GWP9/Vzyn234jdw+krlTkeaFRT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1147f9ab92c4003e01c8b6e04eaf8eab_JaffaCakes118

Files

1147f9ab92c4003e01c8b6e04eaf8eab_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d446fe7fff6d4e422a9f5d36ebb3222b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrRChrW
StrFormatByteSize64A

kernel32

LoadLibraryExW
SetThreadExecutionState
EnterCriticalSection
GetModuleHandleA
LoadResource
UnlockFile
LoadLibraryA
HeapLock

msvcrt

_controlfp
__set_app_type
perror
__p__fmode
__p__commode
_amsg_exit
_initterm
_ismbblead
_XcptFilter
_exit
_cexit
putc
__setusermatherr
strcspn
__getmainargs

gdi32

GetDIBits
RoundRect
CreatePolygonRgn
ResizePalette
CreateRoundRectRgn
RectVisible

user32

IsCharAlphaW
SendMessageW
wsprintfA
WaitForInputIdle
wvsprintfW
EnableScrollBar
EnumChildWindows
GetWindowTextW

Exports

Exports

?FutureProspect@@YGHPADK|U

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE