f97c42e7b7b15980a321d4ee16ba4d56_JaffaCakes118 | Triage

Sharing

General

Target

f97c42e7b7b15980a321d4ee16ba4d56_JaffaCakes118
Size

189KB
MD5

f97c42e7b7b15980a321d4ee16ba4d56
SHA1

ba18a8c2fb2ccfec2f5c27de54a914af66f862f4
SHA256

2c71302bcb0c1f092e815ab70fa095f953eb442b81113e11a77106b6a2a3e6a8
SHA512

a1778dff9094fb3e2c314d3e0f06d53301dae87abb9c5265af4ad861438e9b638acd96f666c13924be209d1158c46a928868e1d3e0c5f4cfc5636a69562f7d17
SSDEEP

3072:OBC+NFXbyd8uFzusZoL77t2ycruRj4Iox4tskjvNxZgoXvXBJtx6Yfa8b1t6PKn:CNN+EnMhuRj8x43VxZgoXvBLs4a8Jt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f97c42e7b7b15980a321d4ee16ba4d56_JaffaCakes118

Files

f97c42e7b7b15980a321d4ee16ba4d56_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8afcb52a7f3708e4d61b2dcda8498e8b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvfw32

ICOpen
ICSendMessage
ICClose
ICDecompress

advapi32

RegEnumKeyExW
RegSetValueExW
RegCreateKeyW
RegCloseKey
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
RegSetValueW

kernel32

GetShortPathNameA
LoadLibraryW
CloseHandle
GetProcAddress
GetFileInformationByHandle
CreateFileW
EnumResourceTypesW
GetModuleHandleW
ExitProcess
GetCurrentProcessId
UnhandledExceptionFilter
GetLastError
GlobalFree
GetCurrentThreadId
GetVersionExW

user32

GetWindowPlacement
SetCursor
PostMessageW
GetClientRect
SetRectEmpty
AdjustWindowRectEx
InvalidateRect
FillRect

Sections

.text
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ