JaffaCakes118_6cea710c094d4c67a99dc1e384bc08ca | Triage

Sharing

General

Target

JaffaCakes118_6cea710c094d4c67a99dc1e384bc08ca
Size

200KB
MD5

6cea710c094d4c67a99dc1e384bc08ca
SHA1

3b5062bf6a692a95f467d7f2be88df65074edfa6
SHA256

a88b4f4a12e3f45fd4b1962f8728d01f9d3545c3a50a222aa65414c537fd4c02
SHA512

4766a2cd0863b0ca3d91bfc7ed1bc7a7f4b7bf59d572004aa3164dd4545d2dfd70738ab5c2c1f49af26ee18c88ebd7d97bdae6ebd4ed33f052bd41f57dacdc20
SSDEEP

6144:C1mobZDoArfYgvnBB1SS1UxSgXcoFA12:CCsYEnBBx4co9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_6cea710c094d4c67a99dc1e384bc08ca

Files

JaffaCakes118_6cea710c094d4c67a99dc1e384bc08ca
.exe windows:4 windows x86 arch:x86

35eefe709d66cf99d1d94853186a6392

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

SetFocus
GetFocus
CallWindowProcA
EndPaint
IsWindow
BeginPaint
IntersectRect
RegisterClassExA
RealGetWindowClassA
GetClientRect
InvalidateRect
UnregisterClassA
PtInRect
GetKeyState
IsChild
UnionRect
GetParent
CreateWindowExA

setupapi

CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

kernel32

CreateFiber
HeapReAlloc
HeapDestroy
HeapSize
VirtualAlloc
ResumeThread
GetSystemInfo
HeapAlloc
TerminateProcess
GetLocaleInfoA
EnumResourceNamesA
VirtualQuery
LoadLibraryA
GetACP
VirtualProtect
UnhandledExceptionFilter
ExitProcess
VirtualFree
GetProcAddress
SetUnhandledExceptionFilter
SetThreadPriority
GetCommandLineA
InterlockedCompareExchange
RtlUnwind
IsProcessorFeaturePresent
WriteFile

Sections

.text
Size: 175KB - Virtual size: 174KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ