JaffaCakes118_22f0cfea08a6b8af4efcb07f7ca78517 | Triage

Sharing

General

Target

JaffaCakes118_22f0cfea08a6b8af4efcb07f7ca78517
Size

162KB
MD5

22f0cfea08a6b8af4efcb07f7ca78517
SHA1

9f1532be424a0dc5db348821eb604aa0e1d43fbe
SHA256

e2758c2829098986eb1830a4a0d628e262124cccd2b5321866d829858f5ece5b
SHA512

fcebe58f7f94cd038a81c3674877b36f839967eedd1cc41d2cadfc188145224a54ab472e006294d94c01ad093a988e40bfad75cf786a8597315a335ad766b979
SSDEEP

3072:PvF2KGJb1yTHHJq0oKI7i5sdFKhfh/ZVY5Fphz808I1BAfgfmhrVQpzqx:V2DB1yTHXem5EEhfKQ0L1BLfm9VQpzqx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_22f0cfea08a6b8af4efcb07f7ca78517

Files

JaffaCakes118_22f0cfea08a6b8af4efcb07f7ca78517
.exe windows:4 windows x86 arch:x86

dca59c4f7827725ad37cbb439b67c1f9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

AlphaBlend
TransparentBlt

user32

CharUpperA
GetKeyState
wsprintfW
MessageBoxA
wsprintfA
CharNextA
GetTopWindow
CharLowerA

advapi32

RegSetValueExA
RegCreateKeyExA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA

kernel32

SetEndOfFile
GetThreadIOPendingFlag
WideCharToMultiByte
CreateFileW
LoadLibraryA
CreateMutexA
InterlockedIncrement
TransmitCommChar
FlushFileBuffers
MultiByteToWideChar
GetTempPathW
SetStdHandle
EnumResourceNamesW
GetModuleFileNameA
InterlockedDecrement
GetProcAddress
FreeLibrary
CloseHandle
LoadLibraryW
ExitProcess
IsBadReadPtr
CompareStringW
GetLastError
CompareStringA
WriteFile
SetEnvironmentVariableA

Sections

.text
Size: 134KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ