184eed71054fb4f7326bf1dd005d47f2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

184eed71054fb4f7326bf1dd005d47f2_JaffaCakes118
Size

636KB
MD5

184eed71054fb4f7326bf1dd005d47f2
SHA1

87b24e14fee45d2c0bf767f16f2f589e693fcc83
SHA256

4318f23f0cbef0dabb64efdb556bb5daff7e1fd1bef94b9f86c5d243654a93c2
SHA512

601ddf17271dbd01a1b8587787e0f37c11d06a9a1f8b748945c9e4c6ebc8ae44e664ef52f543c7e6a02c87218d765369c3cb48aacf653d437b7626fda74b1315
SSDEEP

12288:dukxkB3WHQjD4JIVhFpDT0o63+wiaAslHUX5DeBEhpe6VGb5+cSABkz6:duRUwD4JSFpJ6OwiaXHUqEhQDbETABk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
184eed71054fb4f7326bf1dd005d47f2_JaffaCakes118

Files

184eed71054fb4f7326bf1dd005d47f2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d069827c2bbc530957bd69191411120c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
GetCommandLineA
GetConsoleCP
VirtualProtect
HeapReAlloc
GetVersion
WaitForMultipleObjects
InterlockedExchange
CloseHandle
GetModuleHandleA
CompareFileTime
lstrlenA
SetConsoleCP
GetAtomNameA
GetStdHandle
GetSystemDefaultLangID
GetTickCount
LoadLibraryExA
HeapCreate
GlobalUnlock
SuspendThread

user32

CreateMenu
GetKeyboardLayout
DialogBoxParamA
SetWindowPos
GetCursorInfo
InvertRect
SetPropA
DrawCaption
IsDialogMessage
CreateCursor
SetScrollInfo
FillRect
DestroyMenu
GetKeyState
CopyImage
CreateIcon
GetDlgItem
DragObject
DispatchMessageA
FindWindowA
InsertMenuA
EnableScrollBar

advapi32

RegQueryInfoKeyA
RegEnumValueA
RegCloseKey
RegCreateKeyExA
RegEnumKeyA

uxtheme

GetThemeColor

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ