299d613ade1cb164dbeedb02c4cf8bb6_JaffaCakes118 | Triage

Sharing

General

Target

299d613ade1cb164dbeedb02c4cf8bb6_JaffaCakes118
Size

305KB
MD5

299d613ade1cb164dbeedb02c4cf8bb6
SHA1

6ce7f1bdac0a7662eaed28783602fe441dcceee4
SHA256

d6fe156b9ff5b9d77c6d14255a0d62bac5ef32142ae1e9b0aa3b165e7d2f5daa
SHA512

28c69e3e604107412d71bfa7492a3cead2b86de1d3d2532cdd37fa8931d60d1740561e5d5e95ef898cc1570a21501ea8815cbacb953144f72f3b450b8d147d56
SSDEEP

6144:nfkbA0ODn2xd1hDHjy5yZD20g92ZImaoMtQ1AKe:f3n2L1hDHjAyimvre

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
299d613ade1cb164dbeedb02c4cf8bb6_JaffaCakes118

Files

299d613ade1cb164dbeedb02c4cf8bb6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ab1224240c0d2842c6f6bcd85b2c4a09

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReleaseMutex
FindAtomA
GetFileTime
LoadLibraryW
GetCurrentThreadId
ReleaseMutex
GetCurrentProcessId
TlsGetValue
GetPrivateProfileStringA
LocalFree
GetDriveTypeA
FindClose
GlobalFlags
WriteFile
lstrlenW
IsBadStringPtrW
CreateEventW
GetEnvironmentVariableW
InitializeCriticalSection
HeapCreate

user32

GetClassInfoA
DrawTextA
CallWindowProcW
EndDialog
GetSysColor
GetSysColor
DrawStateW
IsWindow
GetClientRect
GetKeyboardType
DispatchMessageA
CreateWindowExA
SetFocus

rastapi

DeviceDone
DeviceDone
DeviceDone
DeviceDone
DeviceDone

cryptui

LocalEnroll

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 295KB - Virtual size: 294KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ