JaffaCakes118_024d8058f95dfdac86817d51da5b1bb1 | Triage

Sharing

General

Target

JaffaCakes118_024d8058f95dfdac86817d51da5b1bb1
Size

179KB
MD5

024d8058f95dfdac86817d51da5b1bb1
SHA1

7de9fac919b98fb02cf48a6f4c3e8e20ffafe3e9
SHA256

4b7aa9fc87e7d2505a33ea7923a8a6d952b0dca505709cd8b24410503991a54c
SHA512

8c58c8f7ff0ff48f4e94e33b6d3f385eecb40de4c05a4c55a1a3894bbad3a2bf2fe2cfd6887ba120f42ca339ed7cf2249f56e8ccbc14fb0a25af353ce15f856b
SSDEEP

3072:qv83fAY0v4hsG4z+yRYWEz8cQCbwZa8JJMQxzAunYZVLikI8niGJCvmkBa/7leIb:r30Gcif4cMZa8JvVAhVecJhk0/Ze6B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_024d8058f95dfdac86817d51da5b1bb1

Files

JaffaCakes118_024d8058f95dfdac86817d51da5b1bb1
.exe windows:4 windows x86 arch:x86

73837198f7a477fa082e21012de78996

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

AlphaBlend
TransparentBlt

user32

CharNextA
GetKeyState
GetClassLongA
CharLowerA

kernel32

GetThreadPriority
InterlockedDecrement
TransmitCommChar
FreeLibrary
EnumResourceNamesW
ExitProcess
GetProcAddress
LoadLibraryW
LoadLibraryA
InterlockedIncrement

advapi32

RegCreateKeyExA
RegCloseKey
RegQueryValueExA

Sections

.text
Size: 156KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 664B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ