JaffaCakes118_e11aeb78af62d73220884cbac8dd7d7a | Triage

Sharing

General

Target

JaffaCakes118_e11aeb78af62d73220884cbac8dd7d7a
Size

187KB
MD5

e11aeb78af62d73220884cbac8dd7d7a
SHA1

e6783d5f7733b709b38993dc7e4036911106cfdf
SHA256

a70a3092fec88e868321f17c0d3db4930ddcd30c53cfd7393abbdee3e8655daa
SHA512

a820457558b1609d236efcbb7e7757b3269006f438ee07f3d64389e19f116d202533d152554dba1039238e9dde4c615cf085070b8f06328308a79702c6d18c7d
SSDEEP

3072:lGFzAv4ZmmmKFliAh4biXfAOf2+kpAQJNIM3ybhwWCCkbUbl67E6Z:lwzfZmmFFoAh4biXfje+bQFwtdkslqZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_e11aeb78af62d73220884cbac8dd7d7a

Files

JaffaCakes118_e11aeb78af62d73220884cbac8dd7d7a
.exe windows:4 windows x86 arch:x86

f62b30acf5158671d8eaa96b3828111f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

clusapi

CloseCluster

user32

SetDlgItemTextA
CharNextA
GetActiveWindow
DefWindowProcA
GetKeyState
EndPaint
SetWindowLongA
GetWindowRect
SetFocus
ReleaseDC
LoadAcceleratorsA
BeginPaint
SetWindowRgn
MoveWindow
IntersectRect
EqualRect
GetDC
UnregisterClassA
DestroyWindow
OffsetRect
GetDlgItem
PtInRect
SetParent

kernel32

DeleteCriticalSection
GetModuleFileNameA
GetLongPathNameW
DisableThreadLibraryCalls
GetFileAttributesA
lstrcpyA
InterlockedDecrement
InitializeCriticalSection
HeapFree
FindResourceA
SetThreadContext
LoadLibraryA
lstrlenW
HeapAlloc
lstrcatA
GetProcAddress
EnumResourceTypesA
InterlockedIncrement
lstrcpynA
LockResource
GetProcessHeap
IsBadWritePtr
LoadResource
HeapReAlloc
ExitProcess
MultiByteToWideChar
lstrlenA
LeaveCriticalSection
EnterCriticalSection
WideCharToMultiByte
GetWindowsDirectoryA
GetVersion
GetLocaleInfoA

Sections

.text
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ