56ddb3ae0445b157e601f7157bb3e753_JaffaCakes118 | Triage

Sharing

General

Target

56ddb3ae0445b157e601f7157bb3e753_JaffaCakes118
Size

206KB
MD5

56ddb3ae0445b157e601f7157bb3e753
SHA1

636596633a11de92a24025b0cd5bfdf9e344d2c5
SHA256

b4530073224f4784aa35f5ce6cef5dda8355bda49a6e37d6e0178e02fde0db66
SHA512

d564e0c94ae745892ac523f67f690482eaf4b270faf3659c6cced2b111037eb731abdc1db7ccd53a39649da9a6d70cb9c18bd549b9e11796b933c87511d340fc
SSDEEP

6144:QOE0uuVK9uzOLapTiFVfJ/QiNdND1Wk4bH:u0fRoFVR/QiLvW7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
56ddb3ae0445b157e601f7157bb3e753_JaffaCakes118

Files

56ddb3ae0445b157e601f7157bb3e753_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ab3f4e8910c54eead07c9aa58a0ee425

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetDIBColorTable
BitBlt
GetClipBox
GetDCOrgEx

advapi32

RegEnumKeyExA
RegOpenKeyA
GetUserNameA
RegLoadKeyA

kernel32

LoadLibraryA
VirtualAlloc
GetProcessHeap
GetProcAddress
GetStartupInfoA
IsBadHugeReadPtr
ExitProcess
GetCommandLineW

ole32

StringFromIID
GetHGlobalFromStream
CoGetObjectContext

user32

ReleaseCapture
GetSysColorBrush
LoadBitmapA
RemovePropA
RemoveMenu
DrawMenuBar
ReleaseDC
EnableWindow
ScreenToClient
GetMenu
ScrollWindow

Exports

Exports

_r21_FRQ@12
P782m4J
ChXTJ65E
_IgwR7cFkOQ@12

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 189KB - Virtual size: 189KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ