1225848fd003549cde077528f75500d5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1225848fd003549cde077528f75500d5_JaffaCakes118
Size

637KB
MD5

1225848fd003549cde077528f75500d5
SHA1

9f7529ba4fe5f128cf3da063f6453103e77bd939
SHA256

2c2eba2e3eaec283da00ade894911b7dc47d7de47334a8f96e62990656231bbf
SHA512

45e14812b84971ea8410e2245922d8ddea5183d3fa494c498fc9a420f04559aefec5b575d9f912c52b2cce5d71aeea518fd287bc74ec8e2619126c6e3da1493d
SSDEEP

12288:5zKTBwOoP9oO6ZQTjwbkJPyXpJmuIwFPzk605Aky+oklRfg1JOpA0zvZ3:xoGPyRQXkkJaXrmu05Ak6MRoXyhB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1225848fd003549cde077528f75500d5_JaffaCakes118

Files

1225848fd003549cde077528f75500d5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dcd6cd2a85c8f3ca99769e91dfa62f61

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
CloseHandle
GetStdHandle
GetAtomNameA
TlsFree
WaitForSingleObject
CompareFileTime
TlsGetValue
VirtualProtect
GetACP
GetVersion
GetModuleHandleA
InterlockedExchange
GlobalUnlock
FindAtomA
LoadLibraryA
GetProfileIntA
HeapWalk
HeapReAlloc
GetTickCount
GetConsoleCP

user32

SetWindowPos
PaintDesktop
ShowWindow
DispatchMessageA
PostMessageA
GetWindowTextA
EqualRect
GetScrollRange
GetKeyboardLayout
DestroyMenu
DialogBoxParamA
GetMenu
GetMenuStringA
MessageBoxA
InflateRect
InsertMenuA
GetSubMenu
SetPropA
EnableScrollBar
CreateCaret
LoadIconA
UpdateWindow
PostQuitMessage
ModifyMenuA
TranslateMessage
SubtractRect
CopyRect
GetDlgItem

msi

MsiGetMode
MsiEnumClientsA
MsiDoActionA
MsiCloseHandle
MsiEnumProductsA

uxtheme

GetThemeBool

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ