Static task: static1
Behavioral task: behavioral1
Sample: 173f9c065fc144152533acf43757ee40_JaffaCakes118.exe
Resource: win7-20240903-en
General
Target: 173f9c065fc144152533acf43757ee40_JaffaCakes118
Size: 42KB
MD5: 173f9c065fc144152533acf43757ee40
SHA1: 5744c3d624d1d5149ac0387fde06dec8cce7a61e
SHA256: 824c31914ca13b62c5a215313cfb132b13b2578225b6ce1000674b28156c4ee8
SHA512: 1af2320789119354fee0109d97d9658d0d5cd657876368efae6d4efcc896d6303352d3eb33a0283cc8b8449be735f4b815c63d5e318002170890e3061673e351
SSDEEP: 768:/foD4Z2H62is9AIL1BVVwcEo/GxYq7123q6B2rl6xZ8lDgP:/wD4Z2HK1IpBzao/GxxQBY6z8Y
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 173f9c065fc144152533acf43757ee40_JaffaCakes118
Files
173f9c065fc144152533acf43757ee40_JaffaCakes118.exe windows:5 windows x86 arch:x86
010a5be1a33c16a8b12aff40b0d86ae1
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
SetWindowTextA
DialogBoxParamA
GetActiveWindow
GetScrollInfo
SetDlgItemTextA
IsCharAlphaA
MessageBoxA
EnumDisplaySettingsA
GetWindowThreadProcessId
GetThreadDesktop
EnumWindows
ole32
CoGetCallerTID
comctl32
ord17
advapi32
RegQueryValueExA
RegCloseKey
RegOpenKeyExA
kernel32
HeapDestroy
GetDateFormatA
GetUserDefaultLangID
IsBadWritePtr
InitializeCriticalSection
DeleteCriticalSection
LocalAlloc
GetLocalTime
SetFileAttributesA
IsBadReadPtr
GetTickCount
HeapFree
GetHandleInformation
GetProcAddress
FreeLibrary
LoadLibraryA
GetSystemDefaultLangID
LocalFree
GetTimeFormatA
HeapAlloc
ExitProcess
GetModuleHandleA
HeapCreate
Sections
.text Size: 36KB - Virtual size: 36KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ