3d60b0a166c139fe4ee4a3c7b5b9fb38_JaffaCakes118 | Triage

Sharing

General

Target

3d60b0a166c139fe4ee4a3c7b5b9fb38_JaffaCakes118
Size

242KB
MD5

3d60b0a166c139fe4ee4a3c7b5b9fb38
SHA1

e0b6f510b18e76b46254fa5c3d917cd223a6656b
SHA256

9329b448a6e631c76d4b18f8ebe7591844f6c11a5c082047ea3f0953ec80332f
SHA512

c308cc3084524d6012604274c711b6511587b683cd77adfc8874fe40f5e584fe55ab5fcbde8949e4f1b06debdac3ce8fbe5048a4c6549343d05e1ebd4f0c6eb1
SSDEEP

6144:9lywTPk/of1/jv2+7H14JlsDw4n9Wmxq8XjzZdj:zxOofd74sv9W5KZh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d60b0a166c139fe4ee4a3c7b5b9fb38_JaffaCakes118

Files

3d60b0a166c139fe4ee4a3c7b5b9fb38_JaffaCakes118
.exe windows:5 windows x86 arch:x86

148e3aa573c4c69c37bda980f9ef1db8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EnumChildWindows
GetScrollRange
GetCapture
GetDesktopWindow
RegisterClassExW
GetScrollPos
SetWindowTextA
GetPropA

gdi32

DeleteObject
GetArcDirection
CreatePolygonRgn
GetRegionData
GetStockObject
GetRgnBox

ole32

OleSetAutoConvert

comctl32

ord17

advapi32

IsValidSecurityDescriptor

kernel32

SetFileAttributesA
GetStartupInfoA
DeleteCriticalSection
InitializeCriticalSection
GetThreadLocale
GetTickCount
HeapDestroy
HeapFree
GetEnvironmentVariableA
GetLastError
FreeLibrary
LoadLibraryA
GetProcAddress
LocalFree
LocalSize
SetEndOfFile
HeapAlloc
HeapCreate
GetConsoleCP
LocalAlloc

Sections

.text
Size: 234KB - Virtual size: 233KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ