571a97e5cbc40d1f534311aa405459ea_JaffaCakes118 | Triage

Sharing

General

Target

571a97e5cbc40d1f534311aa405459ea_JaffaCakes118
Size

153KB
MD5

571a97e5cbc40d1f534311aa405459ea
SHA1

254954d229d363b52a4678988189874e9627d0e1
SHA256

2cbdd81553988f6c1b79bb4835efd7be297c553d8dab6848b02a89223de9af14
SHA512

44aba85a80e6fe2e6ab5050db3a9f5552fecf0e6c220abcf5463fe697ce8d11e9a06f2fb286c2d3123f096bb33b448569a858fe3c371ef47dbf1ed0c8b5add0e
SSDEEP

3072:qYjKwsJUbzZtfs+Noa9r6uP8pRGXWy7a0cCLR/D2NxnF3u/Ji:qYjDTxX8RGWyO0l5D2tu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
571a97e5cbc40d1f534311aa405459ea_JaffaCakes118

Files

571a97e5cbc40d1f534311aa405459ea_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f87430b0ccaabfef47df0d24a67b36fe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnlock
GetCommandLineA
GetAtomNameA
SuspendThread
GetConsoleCP
VirtualProtect
GetTickCount
HeapReAlloc
CloseHandle
GetStdHandle
GetSystemDefaultLangID
InterlockedExchange
SetConsoleCP
HeapCreate
WaitForSingleObject
lstrlenA
GetVersion
SearchPathA
CompareFileTime
GetModuleHandleA
WaitForMultipleObjects

user32

DragObject
GetCursorInfo
CopyImage
GetDlgItem
DestroyMenu
SetScrollInfo
GetKeyboardLayout
CreateIcon
CreateMenu
DialogBoxParamA
CreateCursor
DispatchMessageA
GetKeyState
DrawCaption
EnableScrollBar
DispatchMessageA
SetPropA
IsDialogMessage
MessageBoxA
FindWindowA
InvertRect
SetWindowPos
InsertMenuA

advapi32

RegEnumKeyA
RegCloseKey
RegEnumValueA
RegQueryInfoKeyA
RegCreateKeyExA

uxtheme

GetThemeColor

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 524KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ