1706a2670a98cc69d298f1842b58f82e_JaffaCakes118 | Triage

Sharing

General

Target

1706a2670a98cc69d298f1842b58f82e_JaffaCakes118
Size

165KB
MD5

1706a2670a98cc69d298f1842b58f82e
SHA1

c9ac5740088051eaa121765cf46b4dea0c495909
SHA256

a6704b5f5494bcf6cdc390798456f9f3b5efd85d829c9c2b0a588950bd40cd1f
SHA512

a926b764dd5d78200a647b2a17893174023f0f9abb01a21e3548c7daf24c3b4d437a20771f32855855f06b0fd71412bae80f96e96b812ad6fbe3a1ccbc7fc546
SSDEEP

3072:63OVoHi1LVQS7LeS/sxYmXv7VEiY6VxvhIwImPBd8jldm6uHP5KyehXe4i:63s8us+eTVE2XXABdNuv6hXe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1706a2670a98cc69d298f1842b58f82e_JaffaCakes118

Files

1706a2670a98cc69d298f1842b58f82e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

61cba9b97a2c3a5f8d30dae940ed00ea

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsAlloc
GetCurrentProcess
WriteConsoleA
TlsGetValue
GetStartupInfoA
GetModuleHandleA
SetSystemPowerState
FindNextFileW
FindFirstFileW
RemoveDirectoryW
FindClose
GetCommandLineA

user32

DrawTextA
GetWindowLongA
GetDC
GetAsyncKeyState
GetClassNameW
EnumWindows
GetClassInfoExA
CharLowerBuffA
GetKeyNameTextW
IsDlgButtonChecked
DrawEdge
SetDlgItemTextA
DefWindowProcW
ReleaseDC
LoadBitmapA

gdi32

CreateFontA
PtVisible
GetPixel
CreateRectRgn
SelectClipRgn
CreateCompatibleDC

msvcrt

malloc
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
time
strncmp
memmove
strchr
atoi
wcslen
exit
realloc
free
_strlwr
_ftol
strcpy
memset
fopen
_exit
_XcptFilter

Sections

.text
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 377KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ