137c509efa4b811a3045754f4c9b5663_JaffaCakes118 | Triage

Sharing

General

Target

137c509efa4b811a3045754f4c9b5663_JaffaCakes118
Size

699KB
MD5

137c509efa4b811a3045754f4c9b5663
SHA1

cfd16266bcdadee45e09ffc6274dd0232152bbf6
SHA256

01a9eab922bfb43a42debf6336b0d7fc232d05dd60a5b638e8e89c129c6abd80
SHA512

5a7fea12af6538ba468a86e2d926a7aff2b3512a4b6142a8c7b4e548e6ee9de0af20e9b81b0686874d12b128668c4b570c595eae5faad0f7198ebd361b9b1a4c
SSDEEP

12288:gebf5sBS2CzQ06StucSAurAuKBpSyD4U4o+tl7h2efPRFZFRqLhwceq:/QbAyKN4p9NfPRFZen

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
137c509efa4b811a3045754f4c9b5663_JaffaCakes118

Files

137c509efa4b811a3045754f4c9b5663_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5c052fc66cf728a826a2696d2f52be86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
GetVersion
GlobalAlloc
GetCommandLineA
CloseHandle
lstrlenA
lstrcatA
GlobalFree
CreateEventA
GetModuleHandleA
GetStartupInfoA
Sleep
GetFileSize
LocalAlloc
FreeLibrary
LocalFree
lstrcpyA

gdi32

GetDeviceCaps
GetStockObject
ExtTextOutA
MoveToEx
LineTo
GetBkColor
BitBlt

user32

GetSysColor
DefWindowProcA
SetWindowTextA
EndPaint
ShowWindow
GetMessageA
DispatchMessageA
GetClientRect
DialogBoxParamA
BeginPaint
CreateWindowExA
PostQuitMessage
MessageBoxA

msvcrt

toupper
_controlfp
__p__fmode
__p__commode
_XcptFilter
_acmdln
_initterm

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 692KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ