1602d45692efbe7cd26268abd38414a5_JaffaCakes118 | Triage

Sharing

General

Target

1602d45692efbe7cd26268abd38414a5_JaffaCakes118
Size

296KB
MD5

1602d45692efbe7cd26268abd38414a5
SHA1

7d4675d0afc9f6dd28b361065734d36740d86e02
SHA256

c5653c7b25050668e92348ab97b724c6365d33c765f94acddaeb9b3e730c64e6
SHA512

20978c4b0f157cd58e679f61d025bbb584115b5e49641bb3498a6378c74eca2512ea4b88ad3a9196ff9298ed9363fda4804dfca55de0d24da6477c84bc441146
SSDEEP

6144:qYYZ/cdh9oeKkiu/7LvwrTT1OTVn3wSj3kCWNM9TMDknZFk:jYJLKic7cHZMBjLr9TMuZF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1602d45692efbe7cd26268abd38414a5_JaffaCakes118

Files

1602d45692efbe7cd26268abd38414a5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7b916d7a65dadec6fae272cd5f3a0bf5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
ExitProcess
FindResourceExA
HeapDestroy
HeapCreate
ReleaseMutex
GetCommandLineW
DeleteFileA
GetTickCount
GetEnvironmentVariableW
SetEvent
CloseHandle
GetModuleHandleA
GetStartupInfoA
WriteConsoleA
OpenThread
OpenEventW
GetFileAttributesA
CloseHandle
SuspendThread

user32

GetClassInfoA
SetFocus
GetSysColor
PeekMessageA
DispatchMessageA
IsZoomed
CreateIcon
DispatchMessageA
GetWindowLongA
FindWindowA
CallWindowProcW
GetIconInfo
GetKeyState

htui

HTUI_ColorAdjustment
HTUI_ColorAdjustment
HTUI_ColorAdjustment
HTUI_ColorAdjustment

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 424KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 287KB - Virtual size: 286KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ