43498c50db93a3d586b76590b53150e8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

43498c50db93a3d586b76590b53150e8_JaffaCakes118
Size

319KB
MD5

43498c50db93a3d586b76590b53150e8
SHA1

521c8101243e43949941308afcaf5d576cacc4ce
SHA256

7bda0c2546ccb2936865329696e40f9f7efc6e7ebcc08cd3b348b750b9676a0c
SHA512

c8d76f4e2bfeee3ce4a5ac46234efec656c4f40db412033e211574de432205b16ba055428bc04257ebe825a7d99b9bcee0ce756f6543e2f687d975509a144c4c
SSDEEP

6144:1ethBacb5VxrU/fKhe6Ubskxl6WGhoku0tzFgfII+Vm+SlS:1et/kiLUbnxl6WGpNFgfIIEm+Sl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43498c50db93a3d586b76590b53150e8_JaffaCakes118

Files

43498c50db93a3d586b76590b53150e8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

735d0a4b32cbd813cca958db7835450a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleSelectionInfo
GetConsoleTitleA
SetTapePosition
ExitThread
GetFullPathNameA
VirtualAllocEx
CloseConsoleHandle
ExitProcess
ResetWriteWatch
SetCommState
VirtualAlloc
FindClose
SetConsoleCtrlHandler
VirtualProtectEx
FindNextFileA
GetSystemWindowsDirectoryA

user32

PostThreadMessageA
ExcludeUpdateRgn
GetClassNameA
GetUserObjectInformationA
IsWindowUnicode
ExitWindowsEx
GetSubMenu
PostThreadMessageW
SendDlgItemMessageA
InSendMessage
UnloadKeyboardLayout
CharNextA
GetClipboardSequenceNumber
GetSysColor
GetPropA

Sections

.text
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 62KB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 190KB - Virtual size: 190KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ