Static task: static1
Behavioral task: behavioral1
Sample: 560aa95685a18f5d8f4d71a5d9c85858_JaffaCakes118.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: 560aa95685a18f5d8f4d71a5d9c85858_JaffaCakes118.exe
Resource: win10v2004-20241007-en
General
Target: 560aa95685a18f5d8f4d71a5d9c85858_JaffaCakes118
Size: 105KB
MD5: 560aa95685a18f5d8f4d71a5d9c85858
SHA1: 6c6d45d6f3d30c2128d8a13eb69e52846a0bb10f
SHA256: ab4d32c0817e667dc4a2ee3f7b2a69fd7982ec3e18644cb9d2b0b83b22355d5d
SHA512: 74f0b1137d80af882d039d4fd4693f872b949a303d551579b3a3e84b338ae3bd98fd3c6221777b9ade4f28fe4289f9d5a01819bba07c61f989b247b898b00804
SSDEEP: 1536:crLN7GfBmoSkW2+DSpVOFxGFH9erzfOVAT1KAZ4OpPCqJK4eUGJRPXUSQB/k3sPd:cr+2SpVcAdAzfyS34LLCHU63Vr
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 560aa95685a18f5d8f4d71a5d9c85858_JaffaCakes118
Files
560aa95685a18f5d8f4d71a5d9c85858_JaffaCakes118.exe windows:5 windows x86 arch:x86
a26e1e3b067889227c55578f7e4443cc
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
GetActiveWindow
EnumDesktopsW
EndDialog
SetPropA
IsCharAlphaNumericW
DialogBoxParamA
SetWindowPos
OemKeyScan
ole32
CoUnmarshalHresult
CoFreeLibrary
OleFlushClipboard
kernel32
GetCurrentThreadId
CopyFileW
CreateProcessW
SizeofResource
HeapDestroy
GetStartupInfoA
AddAtomA
FindAtomW
GetAtomNameA
LocalAlloc
HeapCreate
LocalFree
LoadLibraryExW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetProcAddress
Sections
.text Size: 84KB - Virtual size: 84KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.CRT Size: 512B - Virtual size: 8B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ