JaffaCakes118_962184d85a3c347a4c89582a94a673d6 | Triage

Sharing

General

Target

JaffaCakes118_962184d85a3c347a4c89582a94a673d6
Size

173KB
MD5

962184d85a3c347a4c89582a94a673d6
SHA1

f351f3e4816cf9b09dcae516b16983c2cc622c4e
SHA256

c3aedb214cba93a8ee5bd5e66f82f7af56d337ec37daaa4788f0c67fb95aa4f8
SHA512

714b39c58f329e02326b4cec6cf852c8359533d3df8fac9ff77b940f3503c65ab7d42fff2120ba093f1ebf2f9bc44563e464c62881a108e106a3fb2baea8ac9e
SSDEEP

3072:BvA07MarmdOLq35essMyprfMywF0VeV2/QnB1mFGDn5xwqgAmkCClzvsg/grnxyQ:tMaaUC6My0F0VysoBgFwsc5vn8nxJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_962184d85a3c347a4c89582a94a673d6

Files

JaffaCakes118_962184d85a3c347a4c89582a94a673d6
.exe windows:4 windows x86 arch:x86

baebe5e8c5f94797b4bfe5de75e3a4c6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CharNextA
GetKeyState
GetClassLongA
CharLowerA

kernel32

GetThreadPriority
LoadLibraryA
TransmitCommChar
InterlockedDecrement
EnumResourceNamesW
ExitProcess
LoadLibraryW
GetProcAddress
FreeLibrary
InterlockedIncrement

msimg32

AlphaBlend
TransparentBlt

advapi32

RegCloseKey
RegCreateKeyExA
RegQueryValueExA

Sections

.text
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 664B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ