310a7e9ce47023fc8b3d426aeb60be45_JaffaCakes118 | Triage

Sharing

General

Target

310a7e9ce47023fc8b3d426aeb60be45_JaffaCakes118
Size

176KB
MD5

310a7e9ce47023fc8b3d426aeb60be45
SHA1

39fc1c51ee3f7e21c41664b436c6700c8a830149
SHA256

8ba8d49d0fd7255993d39e856494991265858e7f11b8e30909ace0ee2a59d23a
SHA512

0ebdd000c02ae20a3c80faa6924f40e7f102e05edc3115df492caded6a02a6643b5eefe989c31f4f50c8e8db842387b278d7fa7de45cb3cda1b0fd9c9bfa01f0
SSDEEP

3072:27FFmH3uMd8gpEI5P2LnXFCo3yP3xH4xC21LTIoZfE6R47nc+m:27FG8KL2zXyGk4P4QN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
310a7e9ce47023fc8b3d426aeb60be45_JaffaCakes118

Files

310a7e9ce47023fc8b3d426aeb60be45_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d6015b65b08d88acc6c3dd321b8df50b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetSystemPowerState
GetProcessHeap
FindClose
RemoveDirectoryW
FindFirstFileW
FindNextFileW
TlsSetValue
TlsAlloc
lstrcatA
GetCurrentProcess
WriteConsoleA
GetSystemTime
GetModuleHandleA
GetStartupInfoA

user32

ShowWindow
GetWindowTextW
GetKeyNameTextW
IsDlgButtonChecked
DrawEdge
SetDlgItemTextA
LoadBitmapA
GetMessagePos
UpdateWindow
FindWindowA
GetKeyNameTextA
GetWindowTextLengthW
EnumChildWindows

version

GetFileVersionInfoSizeA
GetFileVersionInfoA

msvcrt

calloc
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
wcslen
fclose
fwrite
fseek
fopen
exit
time
free
malloc
_ftol

Sections

.text
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ