JaffaCakes118_55f7b37e36a3f44ea9c6c8f27e8f6acb | Triage

Sharing

General

Target

JaffaCakes118_55f7b37e36a3f44ea9c6c8f27e8f6acb
Size

241KB
MD5

55f7b37e36a3f44ea9c6c8f27e8f6acb
SHA1

6c9f61aa33c46b7d225f09589e1f186874207446
SHA256

ef44f098cf3112b389d0a7ef1a62c22f17dde8aee78a60da4f9ce5175871d31d
SHA512

9bd41b98f5746bff481524cfe373505715b1ea90f0b83c35981d15cd57978cf58d9887eac773cd64e72af6c79779e5ec8bd92674d1632827b6eb4123605309c1
SSDEEP

3072:lPCFD64MQCLGydmAR18TwbB5bMsMSNcUn8lHftDuNtvrXGBBC6ZZHLPbxVczjtK:leD/zZAP/B5Aq8fuLSzCuZrNY5//z4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_55f7b37e36a3f44ea9c6c8f27e8f6acb

Files

JaffaCakes118_55f7b37e36a3f44ea9c6c8f27e8f6acb
.exe windows:4 windows x86 arch:x86

998f090aa3d1c9b1837612ed873285c6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

setupapi

CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

user32

GetFocus
CallWindowProcA
EndPaint
UnregisterClassA
UnionRect
RegisterClassExA
IntersectRect
GetKeyState
BeginPaint
IsWindow
IsChild
InvalidateRect
GetClientRect
RealGetWindowClassA
SetFocus
GetParent
PtInRect
CreateWindowExA

kernel32

GetLocaleInfoA
CreateFiber
VirtualFree
RtlUnwind
GetACP
GetProcAddress
IsProcessorFeaturePresent
ExitProcess
ResumeThread
HeapAlloc
VirtualQuery
EnumResourceNamesA
UnhandledExceptionFilter
HeapSize
InterlockedCompareExchange
TerminateProcess
LoadLibraryA
VirtualProtect
GetCommandLineA
GetSystemInfo
SetUnhandledExceptionFilter
SetThreadPriority
HeapReAlloc
VirtualAlloc
HeapDestroy
WriteFile

Sections

.text
Size: 222KB - Virtual size: 221KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ