f084f26cee87ab75d14824d5c12e2cbd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f084f26cee87ab75d14824d5c12e2cbd_JaffaCakes118
Size

370KB
MD5

f084f26cee87ab75d14824d5c12e2cbd
SHA1

1be40637572eb16d340d33236cc70cc68cd172b7
SHA256

521e1b81ad7507fe4fbc8ce2a1553455496b1f2e3fb79b4989192dbed43bf9a8
SHA512

8954ebc233311398f62a0e95f0f630f4abcd3294d68064c43148e580cdd9222dba9f34297e841599060bb85c68037ce7a8c51e11c638ab0cc2db38044dcec761
SSDEEP

6144:SQiOdZaxwxAUUT5EEvyUZYW8ONwaxxoMjauKniKFUcMbryhe80COMwrUI0ij0:SQiO+xIUT6QrZFNwOxoMjy/WcMQ6MwJI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f084f26cee87ab75d14824d5c12e2cbd_JaffaCakes118

Files

f084f26cee87ab75d14824d5c12e2cbd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

227c0208a7941a6d622ac69daa9c808b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
LCMapStringW
GetStdHandle
lstrcpynW
SetHandleCount
GetFileType
lstrcpynA
GetVersion
CreateFileA
TerminateProcess
GetCPInfo
GetModuleFileNameA
LCMapStringA
GetOEMCP
SetFilePointer
lstrcpyA
GetStartupInfoA
WriteFile
GetCurrentProcess
GetACP
GetStringTypeA
GetStringTypeW
GetCommandLineA
MultiByteToWideChar

user32

LoadMenuA
EndDialog
GetWindowTextLengthA
DrawTextW
DrawIcon
IsWindow
CopyIcon
GetWindowTextA
CopyRect
LoadCursorA
InsertMenuA
GetFocus
CreateIcon
GetMenu
GetDC
DrawIconEx
GetDlgItem
CopyImage
IsMenu
GetCursor
DialogBoxParamW

comctl32

DllGetVersion
CreateUpDownControl
CreateMappedBitmap
ImageList_AddIcon
ImageList_DrawEx
ImageList_LoadImageA
ImageList_GetIcon
ImageList_Create
CreateToolbar
ImageList_GetIconSize

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 18.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ