JaffaCakes118_20460809f2608eacd737b850a0e44410 | Triage

Sharing

General

Target

JaffaCakes118_20460809f2608eacd737b850a0e44410
Size

186KB
MD5

20460809f2608eacd737b850a0e44410
SHA1

6744a7798c23c3deb2df6922556cb4e519986dfa
SHA256

66a81de263d39c6e6c435df1b9ed54bbd7567fb949fef98c3d071f9f171e960e
SHA512

10e64282441f652f97b584c299957a820a25e797e104cac0b3f719708912adecd8441db8dcaee557b175bdec2c099e30d7201cbfac2bf198f33c73c7e4385bf4
SSDEEP

3072:cXqjA7PrysZG9h9cBO3klmMU5+RHGKPS3MNlJ1mfjNgHC0q8Tkm4:jjiTys+h9V3QU5+1mrNp0lTF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_20460809f2608eacd737b850a0e44410

Files

JaffaCakes118_20460809f2608eacd737b850a0e44410
.exe windows:4 windows x86 arch:x86

bedbbed77da9206809e79e2dab13d9b1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetActiveWindow
SetFocus
GetWindowRect
SetDlgItemTextA
IntersectRect
MoveWindow
ReleaseDC
LoadAcceleratorsA
SetWindowLongA
CharNextA
GetKeyState
EndPaint
SetWindowRgn
EqualRect
GetDlgItem
BeginPaint
DestroyWindow
UnregisterClassA
OffsetRect
PtInRect
GetDC
DefWindowProcA
SetParent

clusapi

CloseCluster

kernel32

InterlockedIncrement
GetLongPathNameW
DeleteCriticalSection
InitializeCriticalSection
SetThreadContext
GetFileAttributesA
GetWindowsDirectoryA
GetModuleFileNameA
lstrcpynA
LoadLibraryA
EnumResourceNamesA
MultiByteToWideChar
InterlockedDecrement
ExitProcess
GetProcAddress
GetVersion
DisableThreadLibraryCalls
GetLocaleInfoA

Sections

.text
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ