JaffaCakes118_6d45c29bf430f2c344b5186e9e1cc520 | Triage

Sharing

General

Target

JaffaCakes118_6d45c29bf430f2c344b5186e9e1cc520
Size

130KB
MD5

6d45c29bf430f2c344b5186e9e1cc520
SHA1

0e41360747685639f5caddbb3585decb330e43ae
SHA256

56c61f1d70490f163acb37cd587b32f560a582f06b6010b05aa7dee336ac6b61
SHA512

6c9575943de6e89a0dee0b73ca428917d31d3f223d587e9c440e5d1893075ae6a38223cfa9d2dd9a70b5acda49c6c745c433d85fd0eba5f40f1df11cba2f671b
SSDEEP

3072:3JqZJIYdZ+1+viXzM0VZD1RP/XU/UKKUcjCHevb0:5qZJIYdZ+IviXYcRnU/U2cjCx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_6d45c29bf430f2c344b5186e9e1cc520

Files

JaffaCakes118_6d45c29bf430f2c344b5186e9e1cc520
.exe windows:5 windows x86 arch:x86

fe5dcf4e1c7858bb74a14ef6a22bada9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetStringTypeA
DeviceIoControl
GetPrivateProfileIntA
CreateDirectoryW
VirtualProtectEx
GetFileAttributesW
SetLastError
GetModuleHandleA
CloseHandle
GetVersionExA
LocalFlags
GetCurrentProcess
HeapFree
GetStdHandle
CreateEventA
GlobalLock
RemoveDirectoryW
FindClose
GetCurrentThread
GetPrivateProfileSectionA
GetFileAttributesW

user32

GetWindowLongW
IsZoomed
IsWindow
IsDialogMessageA
InsertMenuW
SetCursorPos
PostMessageW
DispatchMessageA
wsprintfW
GetWindowTextW
SetFocus
PeekMessageW
LoadCursorW

ntmarta

AccGetExplicitEntries
AccConvertSDToAccess
AccFreeIndexArray
AccConvertAclToAccess

uxtheme

CloseThemeData

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 11KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.import
Size: 512B - Virtual size: 376B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ