JaffaCakes118_7724024e0843d004c58bc8825e1e06de | Triage

Sharing

General

Target

JaffaCakes118_7724024e0843d004c58bc8825e1e06de
Size

170KB
MD5

7724024e0843d004c58bc8825e1e06de
SHA1

4013fa58e1077bd2b237cbbaf3dd4815aa2386ce
SHA256

13623ecfa0ce38023a2988e31d8a8def68156fcb7f28d7bbdc4df75ea871ff69
SHA512

dab6da074a25848cc2615a9f0ca1dbeb51676a3a61fc1265b9bb2dde65e0f4f254fa09a263ced41782e8b4d6dea2b8ab0e50ef13961119dce705a6a536667cc6
SSDEEP

3072:CT2GLin8aGRZrIMFZCEmzDpKd6qj06uc+03MJzBMdgztnIHnfOV:CPmnlWdITPpKd6+06uTZUgRIHfO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_7724024e0843d004c58bc8825e1e06de

Files

JaffaCakes118_7724024e0843d004c58bc8825e1e06de
.exe windows:4 windows x86 arch:x86

78e2b1bf30bd5e5df025b4dfcb946794

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvfw32

ICSendMessage
ICOpen
ICClose
ICDecompress

kernel32

GetLongPathNameW
GetLastError
GetModuleHandleW
GetCurrentThreadId
SetThreadContext
CreateFileW
CloseHandle
EnumResourceTypesW
ExitProcess
GetProcAddress
LoadLibraryW
GlobalFree
GetCurrentProcessId
UnhandledExceptionFilter
GetVersionExW

user32

SetRectEmpty
GetWindowPlacement
PostMessageW
SetCursor
InvalidateRect
AdjustWindowRectEx
GetClientRect
FillRect

advapi32

RegDeleteKeyW
RegCloseKey
RegSetValueExW
RegOpenKeyExW
RegCreateKeyW
RegQueryValueExW
RegEnumKeyExW
RegSetValueW

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ