f1de960b6a31d7a4bd2377df2025a792_JaffaCakes118 | Triage

Sharing

General

Target

f1de960b6a31d7a4bd2377df2025a792_JaffaCakes118
Size

194KB
MD5

f1de960b6a31d7a4bd2377df2025a792
SHA1

c50ce945db56a8a2fe1899a8cba5ee7c74295e2b
SHA256

2302fecc8833997d859dae05079448deda61931ad05bea43e3e8388a00a6b27f
SHA512

006592e5f2b8e297a48e1f2e7ef27023455569541ab9679361be62c79da30461daff42a6f63ed7c3bf40c65c7a4a8cf95bf0a74313b620939ab7cc7bff430fa9
SSDEEP

6144:+VtVcTYzfCfGz2UgK30RkP7LJ9OQo2Ru:+vVfOGKxU0RGJzfR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f1de960b6a31d7a4bd2377df2025a792_JaffaCakes118

Files

f1de960b6a31d7a4bd2377df2025a792_JaffaCakes118
.exe windows:4 windows x86 arch:x86

330b138b04e115b472278a0eda49207e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

BeginPaint
IntersectRect
GetFocus
RealGetWindowClassA
IsChild
UnregisterClassA
CallWindowProcA
PtInRect
UnionRect
InvalidateRect
EndPaint
GetParent
SetFocus
GetKeyState
IsWindow
RegisterClassExA
GetClientRect
CreateWindowExA

kernel32

VirtualProtect
GetACP
CreateFiber
HeapReAlloc
SetUnhandledExceptionFilter
VirtualFree
ResumeThread
VirtualQuery
InterlockedCompareExchange
GetProcAddress
GetSystemInfo
GetCommandLineA
EnumResourceNamesA
HeapAlloc
ExitProcess
RtlUnwind
GetLocaleInfoA
TerminateProcess
HeapDestroy
SetThreadPriority
LoadLibraryA
UnhandledExceptionFilter
HeapSize
IsProcessorFeaturePresent
VirtualAlloc
WriteFile

setupapi

SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

Sections

.text
Size: 165KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ