543ffa7a21b91d5ad1ff453c979d041e_JaffaCakes118 | Triage

Sharing

General

Target

543ffa7a21b91d5ad1ff453c979d041e_JaffaCakes118
Size

384KB
MD5

543ffa7a21b91d5ad1ff453c979d041e
SHA1

3e50dfebfb210519b6e1afc6a7ceb7fad7846524
SHA256

ea44b595edaa99e4c24c70411c3298eb4e97531a6fb8ddf458a55953a7f2b024
SHA512

490696054c13fb3f2c5f14d6e281efbd52bfb95b6956c57ef60b75f58c4f7796d052bf8fa2b51060aaffc34302e40cb021074854fdf0227cb9f8eab24e429b82
SSDEEP

3072:F7Vi2ZjS5wneN5tdugl14+GATOPp0EFEE:C5weN5tI8ijWOPnE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
543ffa7a21b91d5ad1ff453c979d041e_JaffaCakes118

Files

543ffa7a21b91d5ad1ff453c979d041e_JaffaCakes118
.exe windows:3 windows x86 arch:x86

fd84fd5b912a7c9fd6851b89c215e50f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
DeleteCriticalSection
FreeLibrary
GetCommandLineA
GetCurrentProcessId
GetModuleHandleA
GetProcessHeap
GetSystemTimeAsFileTime
GetTickCount
HeapAlloc
HeapDestroy
HeapFree
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedIncrement
LeaveCriticalSection
ReadFile
SetLastError
Sleep
VirtualAlloc
lstrcmpiA
lstrlenA

user32

DestroyWindow
DialogBoxParamA
EndDialog
GetClientRect
GetFocus
GetSysColor
GetSystemMetrics
GetWindowLongA
IsDlgButtonChecked
LoadCursorA
PostMessageA
PostQuitMessage
SendMessageA
SetTimer
wsprintfA

Sections

CODE
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BSS
Size: 326KB - Virtual size: 326KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ