1a8ee5fcdef73c30d974e42b7701a1e8_JaffaCakes118 | Triage

Sharing

General

Target

1a8ee5fcdef73c30d974e42b7701a1e8_JaffaCakes118
Size

318KB
MD5

1a8ee5fcdef73c30d974e42b7701a1e8
SHA1

2ea6a8ed34cdc2651df6f312b9068f3992179169
SHA256

e4c44b88384000e45b9a2c95a56c0e3c05e684388ea6962b0d069e4ef270d159
SHA512

d37ded3a4c7945076e423d802c1b7cbc77a1a9fed45a8ad963a4f82824c88f1ac598fee20d56882a2570ae198b90ca5263b358ffd47b128cf618ab3480f17f9a
SSDEEP

6144:DAwcb7+OtSuCKXh/jnUvOhNdx+P/5S0+aUge:DAwTOwmjtqpsaxe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

1a8ee5fcdef73c30d974e42b7701a1e8_JaffaCakes118

Files

1a8ee5fcdef73c30d974e42b7701a1e8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

70e245c1cb676b37d0215c0cf84274b2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetTimer
SendMessageA
PostQuitMessage
MessageBoxA
KillTimer
GetKeyboardLayout
GetDoubleClickTime
GetDlgItem
EndDialog
DialogBoxIndirectParamA

kernel32

LockResource
LoadResource
MultiByteToWideChar
SizeofResource
GlobalAlloc
lstrlenA
lstrcpyA
lstrcatA
WriteFile
CloseHandle
CreateFileA
ExitProcess
FindResourceA
FreeResource
GetModuleHandleA
GlobalFree
Sleep

comctl32

InitCommonControls

shell32

ShellExecuteA
SHGetSpecialFolderPathA

shlwapi

StrStrA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 962B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 299KB - Virtual size: 299KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE