1432c1634f821921cb04453b279eb7b2_JaffaCakes118 | Triage

Sharing

General

Target

1432c1634f821921cb04453b279eb7b2_JaffaCakes118
Size

879KB
MD5

1432c1634f821921cb04453b279eb7b2
SHA1

59bfd20442e460c4c4c8cf155408fc1414c03e4f
SHA256

c0394c5852448726aaf2a68737b061210a238bb30b66cb012b0e9254dc02c59f
SHA512

3638f00ea4d1c66e6f1fcb4782eee39c62aa628f28461a2bbbd7cadd9b85baff6ff383f89ba7b5aa7f077f3971399ee07e09a9226f1e9c8c3bb51bb6804099c3
SSDEEP

12288:e9YXWdlGjSaQYmExBBMnqiMP3PdLgAXnrDMKDsikMrcHwpSm3ETc8gV62v74t1xq:gYmdlGjSfMoqi69zP/gmqc8G62v01k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1432c1634f821921cb04453b279eb7b2_JaffaCakes118

Files

1432c1634f821921cb04453b279eb7b2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c90de513e0a210a4b54e9c46759d230c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
DeviceIoControl
GlobalSize
FindClose
DeleteFileA
CreateFileMappingW
CreateFileW
Sleep
LocalFlags
CloseHandle
GetModuleFileNameW
GetConsoleTitleA
IsDebuggerPresent
GetCommandLineA
GetFileTime
GetStartupInfoA
lstrlenA
GetDriveTypeW
HeapCreate
CloseHandle

user32

IsZoomed
IsWindow
BeginPaint
LoadImageA
DispatchMessageA
DispatchMessageA
PeekMessageA
DrawTextW
FillRect
CallWindowProcW
DestroyWindow
DestroyMenu
GetWindowLongW

dssec

DSEditSecurity
DSEditSecurity
DSEditSecurity
DSEditSecurity

imagehlp

ImageUnload

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 872KB - Virtual size: 872KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ