JaffaCakes118_6384e9cbdf4cea573434e1af49db8e4e | Triage

Sharing

General

Target

JaffaCakes118_6384e9cbdf4cea573434e1af49db8e4e
Size

109KB
MD5

6384e9cbdf4cea573434e1af49db8e4e
SHA1

c8c5bcf6053d1560771514224c7592ffe1b44c7c
SHA256

369129ccf23145959394907b5415911353497de1abdcf48f55ac0a383779e935
SHA512

6916d9f9f287feed28a34dd2a424abf69e09bddbcc560c7d25fd79d060049fcc3b8660f7edb1dcaf1af8544c2fb6a92cd61477a38f65625da37604e16d7e211b
SSDEEP

3072:3TtZ9rAz1znKz+3vImVBpqE4U6Bfw1As/6h3Hv:D1MhKMvImFqE4UBA26hX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_6384e9cbdf4cea573434e1af49db8e4e

Files

JaffaCakes118_6384e9cbdf4cea573434e1af49db8e4e
.exe windows:5 windows x86 arch:x86

18c00fe66653584828bfd6f348fa6e8f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ValidateRect
IsCharAlphaNumericW
GetActiveWindow
SetWindowPos
OemKeyScan
SetWindowTextA
SetClassLongA

ole32

IIDFromString

kernel32

FreeLibrary
SizeofResource
HeapDestroy
GetStartupInfoA
SetFileAttributesA
GlobalLock
GlobalUnlock
LocalAlloc
HeapCreate
GetSystemPowerStatus
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetProcAddress
LoadLibraryA
LocalFree
HeapAlloc

Sections

.text
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ