df5b21faa535c3d6663e17ba0a5409ba_JaffaCakes118 | Triage

Sharing

General

Target

df5b21faa535c3d6663e17ba0a5409ba_JaffaCakes118
Size

177KB
MD5

df5b21faa535c3d6663e17ba0a5409ba
SHA1

fd7c17f967a807baa7ff809a89547aff277eccd1
SHA256

35a024cdfb0532596c86b3bbd3a5a5ed71d9fc9d11ec4235489fcf8bbc7cd687
SHA512

80d8a316a7d61ea59ca782c7aa11371dcc5acf6ea75bce2f567f8c44615d524ebb46b3d25a3619e9def6ed8917c550cc300709c6d11717c1b51d719d17bfb4a9
SSDEEP

3072:nSYI8ZfkVsgiKTYHDlP7E0RvxBEHWhCx9MEyh3AWRMPrGNPy3sSh9zQjnlEB:nSN8ZMV3i5P7VFnGZyh39qDGRwsY9zMl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
df5b21faa535c3d6663e17ba0a5409ba_JaffaCakes118

Files

df5b21faa535c3d6663e17ba0a5409ba_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ed3d600928feba828209e8f40431e60c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvfw32

ICOpen
ICClose
ICSendMessage
ICDecompress

user32

SetRectEmpty
SetCursor
InvalidateRect
GetWindowPlacement
AdjustWindowRectEx
GetClientRect
PostMessageW
FillRect

kernel32

GetModuleHandleW
GetShortPathNameA
GetCurrentThreadId
CreateFileW
GetFileInformationByHandle
GetProcAddress
UnhandledExceptionFilter
EnumResourceTypesW
GetCurrentProcessId
ExitProcess
LoadLibraryW
GlobalFree
GetLastError
CloseHandle
GetVersionExW

advapi32

RegCreateKeyW
RegOpenKeyExW
RegEnumKeyExW
RegQueryValueExW
RegDeleteKeyW
RegCloseKey
RegSetValueExW
RegSetValueW

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ