16a014db49513f5c47812ef07fe17661_JaffaCakes118 | Triage

Sharing

General

Target

16a014db49513f5c47812ef07fe17661_JaffaCakes118
Size

276KB
MD5

16a014db49513f5c47812ef07fe17661
SHA1

c09c339fcea12d1fbc6ac89e0785fb04531886cd
SHA256

ca69b44910e2216ae327e528d60a1bd2dcc7bc6b0cc89aa945c5f308b4735e33
SHA512

291ddbaf81501600faa1493d3d43eb5e0b674297be17f0ba6547c7ffb1bbf4b9ec4c17b874af6e43165f8795f0bf1da78546283ccd915ec9d3e7a38a88cc77a5
SSDEEP

6144:zSw7Vez1IbgRV+hfxwETRPtAx9TFup+p5I5FRTuUPts7jv+TL2PZONtuJ/ZfEE:OdziWCfdRk9J3pShJtixIWfR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16a014db49513f5c47812ef07fe17661_JaffaCakes118

Files

16a014db49513f5c47812ef07fe17661_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2c8fd70f8df519d00acb0e1d08c1a0dd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumCalendarInfoA
FileTimeToDosDateTime
FindFirstFileA
FindFirstFileW
FormatMessageA
GetCurrentProcess
GetCurrentProcessId
GetFileSize
GetThreadLocale
GetWindowsDirectoryA
ReadFile
SetFilePointer
SetFileTime
TerminateProcess

user32

DestroyMenu
DrawTextA
EnableMenuItem
EndDialog
GetActiveWindow
GetClassInfoA
GetKeyState
GetWindowLongA
GetWindowPlacement
IsIconic
KillTimer
LoadIconA
SetWindowPos
SetWindowTextA
wsprintfA

gdi32

CreateCompatibleDC
CreateRectRgnIndirect
GetSystemPaletteEntries
GetViewportExtEx
SetPixel
SetTextColor
SetViewportExtEx

shell32

DoEnvironmentSubstW
FindExecutableW
SHGetFolderPathA

comctl32

CreatePropertySheetPageW
ImageList_SetIconSize

Sections

.text
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 131KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 332KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ