Static task
static1
Behavioral task
behavioral1
Sample
f227be442de58e79dc6ab23cb89ec810_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
f227be442de58e79dc6ab23cb89ec810_JaffaCakes118.exe
Resource
win10v2004-20240412-en
General
Target
f227be442de58e79dc6ab23cb89ec810_JaffaCakes118
Size
171KB
MD5
f227be442de58e79dc6ab23cb89ec810
SHA1
8a5de9ade5c6795e086480258774fe225d7ab7aa
SHA256
c9d29421136be4f3c090da8c3c8b3ce9e9cdd58e6347bfcb9ab480d22a0c3f7b
SHA512
d305da63c28834d4d95ec9f0868f7bf13b38af03b3c3f821208d79bbe24b5d765ae782bebabef4ad03e03a6e3f20826ef9d65a25e5030a3ec8cbf4e3c84bbdb3
SSDEEP
3072:TFI7xaGlGWc1rG++Ps9HZUluFEj8KY6Ld70NznBkhlp/UjyDbB54crz5LM+qH5Mj:RY9YL1G+/AUk8oLdQNzn4lpD74cP5LMG
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f227be442de58e79dc6ab23cb89ec810_JaffaCakes118
Files
f227be442de58e79dc6ab23cb89ec810_JaffaCakes118.exe windows:4 windows x86 arch:x86
5da5f573a3061280192d04c55dbc657c
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GlobalFree
GetLongPathNameW
GetCurrentProcessId
LoadLibraryW
SetThreadContext
GetProcAddress
GetCurrentThreadId
EnumResourceTypesW
CloseHandle
ExitProcess
UnhandledExceptionFilter
GetLastError
CreateFileW
GetModuleHandleW
GetVersionExW
msvfw32
ICSendMessage
ICOpen
ICClose
ICDecompress
user32
PostMessageW
GetClientRect
SetRectEmpty
SetCursor
InvalidateRect
GetWindowPlacement
AdjustWindowRectEx
FillRect
advapi32
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegCreateKeyW
RegEnumKeyExW
RegDeleteKeyW
RegSetValueW
Sections
.text Size: 100KB - Virtual size: 100KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 67KB - Virtual size: 66KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 1024B - Virtual size: 96KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ