416595b42464e3e56cb15f15b5260fd6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

416595b42464e3e56cb15f15b5260fd6_JaffaCakes118
Size

48KB
MD5

416595b42464e3e56cb15f15b5260fd6
SHA1

5e46ee5a4770c31e95b6697ef2dccf7266cfd023
SHA256

d9ccc830f75f6b7a772eef2b1e162f7b392708965207bcb7292a67a46ad49c3a
SHA512

2a057b715c65da611ca6da56375861a1c03b3804d4b95705cc3f7d6fb510135f96dce658d103d25ce1deeb05a1b4e5232b04a17cc58c2f95fa9d379a59ca8704
SSDEEP

768:7jyYugI6AII4KK1O6HljTd7I5y84bvnAncT5mhjlhy+aYJ060p+3H+l2:SH6R8KY0l/BI5y84Dnl0lhoFc4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
416595b42464e3e56cb15f15b5260fd6_JaffaCakes118

Files

416595b42464e3e56cb15f15b5260fd6_JaffaCakes118
.exe windows:0 windows x86 arch:x86

1f15ecaa5921ba17ad1ba5f6157986c2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetLogicalDrives
lstrcpynW
GetCurrentDirectoryA
GetModuleFileNameA
GetTempFileNameW
SleepEx
ExitProcess
FatalAppExitW
OpenSemaphoreW
SystemTimeToFileTime
RemoveDirectoryA
QueryPerformanceCounter
GetEnvironmentVariableA
GetFileAttributesA
CreateEventA

user32

CharUpperW
LoadMenuW
GetMenuState
GetSysColorBrush
ShowWindow
EnableWindow
GetCursorPos
SetCursorPos
IsWindow
TrackPopupMenuEx
SetWindowLongA
CreateDialogIndirectParamA
LoadIconA
SetTimer
GetFocus
DestroyIcon
PeekMessageA
GetDC
IsChild

gdi32

TextOutW
CreatePalette
CreateCompatibleDC
SetTextColor

advapi32

RegCloseKey
RegQueryInfoKeyW

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 236B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ