f112a7b7c054e72b8521f5a072c0946a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f112a7b7c054e72b8521f5a072c0946a_JaffaCakes118
Size

34KB
MD5

f112a7b7c054e72b8521f5a072c0946a
SHA1

b2268207ea777d07620f983f96f51da34c7bb3bf
SHA256

721d077d0361da5dde95a1fe1903a8f18e6a5de68cc4b54187725c04eb2d0f6f
SHA512

25be76c5e9a48e933cdf4426c06a89dde6d0fad350c7a77c7423490045dfdfa90bbd4ce40a0e705035fc6e99de8ac787a55b5db68a1c89d041c5887829e66406
SSDEEP

768:dJmVrKIUiGCGp24nOpQeVwsZTZiqWy+p40W/qx/:6dKIhGp2/QeVdZLwLW/q9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f112a7b7c054e72b8521f5a072c0946a_JaffaCakes118

Files

f112a7b7c054e72b8521f5a072c0946a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e2807786ad490e7e7f6b3bde3f3f6879

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcAddress
LoadLibraryA
GetVersion
FreeLibrary
lstrcatA
lstrcpyA
GlobalFree
GetCommandLineA
LocalFree
GetModuleHandleA
GetFileSize
Sleep
LocalAlloc
GetVersionExA

msvcrt

_c_exit
_controlfp
_acmdln
memmove
_initterm
__setusermatherr
_exit
__getmainargs
_except_handler3
wcstoul
wcslen
__p__commode
_XcptFilter
wcschr
rand
exit
_adjust_fdiv
__p__fmode
toupper
__CxxFrameHandler

gdi32

SetPixel
CreateCompatibleDC
GetObjectA
BitBlt
DeleteObject
ExtTextOutA
MoveToEx
GetTextMetricsA
SetBkMode
CreateFontIndirectA
GetDeviceCaps
GetTextExtentPoint32A
GetPixel
SetROP2
PatBlt
SelectObject
CreateSolidBrush
GetStockObject
GetTextColor
LineTo

user32

MessageBoxA
DestroyWindow
BeginPaint
DispatchMessageA
SetFocus
ScreenToClient

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ