522a2bc3e83ac8149355fab114d1fb66_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

522a2bc3e83ac8149355fab114d1fb66_JaffaCakes118
Size

328KB
MD5

522a2bc3e83ac8149355fab114d1fb66
SHA1

8ebecf623bb7e23534bbe1a665c9bf723c98fb1c
SHA256

6d40b29128872766df0a10656a9f2ab1ad3e09f5842bc81def1d702a46d16584
SHA512

481d499a7cf381f7de995d7ce24dc2a044e914eae47ff6367f8b55999ae5e7fdf88bd914bbfd80b068c2aa8c89dbc0a5d10662e25ad9772a8f99eef92a5f4481
SSDEEP

6144:SXF40QZhED4ZrfWEqfdoQxkibpPz/S75mdFqASxZJeh/wJY8WoONCdT:Aa3hED4ZrfPqfdoQeibluwqBhe/w5rT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
522a2bc3e83ac8149355fab114d1fb66_JaffaCakes118

Files

522a2bc3e83ac8149355fab114d1fb66_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dc06b724b5f2569e9dc2046d6bdb3864

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
GetCommandLineA
GetModuleHandleA
InterlockedExchange
WaitForMultipleObjects
GetConsoleCP
CloseHandle
HeapReAlloc
GlobalUnlock
GetSystemDefaultLangID
lstrlenA
SuspendThread
GetProfileIntA
GetTickCount
LoadLibraryExA
AddAtomA
CompareFileTime
VirtualProtect
GetVersion
WaitForSingleObject
GetStdHandle

user32

CopyRect
DragObject
CreateMenu
GetKeyboardLayout
InvertRect
SetPropA
DialogBoxParamA
InsertMenuA
GetDlgItem
GetKeyState
DestroyMenu
DrawCaption
CopyImage
SetScrollInfo
DispatchMessageA
GetCursorInfo
MessageBoxA
EnableScrollBar
CreateCursor
CreateIcon
FindWindowA
SetWindowPos
CreateCaret
IsDialogMessage

advapi32

RegCloseKey
RegCreateKeyExA
RegEnumValueA
RegQueryInfoKeyA
RegEnumKeyA

uxtheme

GetThemeColor

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 500KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ