449fdf3d1a135e23f020d2b1426a4bb4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

449fdf3d1a135e23f020d2b1426a4bb4_JaffaCakes118
Size

26KB
MD5

449fdf3d1a135e23f020d2b1426a4bb4
SHA1

ffd0c31e3a2a945bfd19af2619e88d14d5dacf4d
SHA256

acb8aecb09978dc647f26d98abf474647cca6a5ac7df40b36454b4550d596351
SHA512

dc695070e29baaa863b5252dc9da2ad9a7ca5c30d1ab936907c86bd3482ab6a7df0f000939ee6874fcc8a1b6f79b3a880ccbf09d18f60488c28b2d6e9a82c8ee
SSDEEP

384:sELork1Q3Gr5r5SfiKzYpDzfoOMurpVhjZgLQMRNY6BGftahJHeUpk380AHPP9bo:s2o8Nz4iLCHCgLQgRBYshgkkM7Pq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
449fdf3d1a135e23f020d2b1426a4bb4_JaffaCakes118

Files

449fdf3d1a135e23f020d2b1426a4bb4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d23263716a9b8f9043f399723e69df8c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MoveFileWithProgressA
CloseProfileUserMapping
SetErrorMode
BuildCommDCBA
GetConsoleAliasesW
UTRegister
GlobalHandle
GetProfileIntA
OpenMutexW
GetEnvironmentStrings
SetPriorityClass
SetConsoleMode
GetFileAttributesExA

user32

PostQuitMessage
GetQueueStatus
SendNotifyMessageA
OpenDesktopW
LoadImageA
ChildWindowFromPoint
TrackPopupMenu
HiliteMenuItem
GetWindowRgnBox
AllowForegroundActivation
CreateWindowStationA
GetKeyboardLayoutNameW
BlockInput

Sections

.text
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ