f38416a72041d676ca3520f3000c89ca_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f38416a72041d676ca3520f3000c89ca_JaffaCakes118
Size

16KB
MD5

f38416a72041d676ca3520f3000c89ca
SHA1

9f0e9526c817086122635585eb90a5880d1e0f73
SHA256

152589f61adafc83e960d9e6c6615ebd1ab8f5631ad5397fb29cd9e1fc1722c7
SHA512

7218cc16b59c3b4b5f2432ae79cfb59a924dfb52ff08c3b77b92eabc53d846dbbbd5da2d6aa65c5cbff78d20fcd7862001e5437ee5e887cc832a89339cac6d29
SSDEEP

192:3ZZJgP5vTIZi1HkDlDaxh+C4DaJKu9hAjA470y0777IsBX5De8eIi:3wlIrpmX+LDaj9hAd0P7MsBJe8e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f38416a72041d676ca3520f3000c89ca_JaffaCakes118

Files

f38416a72041d676ca3520f3000c89ca_JaffaCakes118
.exe windows:4 windows x86 arch:x86

558a821c9a35a6fe5171f7fc2aa59409

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsGetValue
VirtualAlloc
GetOEMCP
SetEvent
CancelWaitableTimer
CreateMutexA
GetExitCodeThread
GetThreadPriority
GetThreadTimes
GetModuleHandleA
GetLargestConsoleWindowSize
TlsFree
CreatePipe
ReleaseMutex
GetUserDefaultLangID
GetThreadLocale
GetHandleContext
CompareStringA
AddAtomA
GetConsoleCP
IsDBCSLeadByte

user32

IsWindowVisible
ReleaseDC
GetWindow
GetSystemMetrics
GetActiveWindow
GetClassNameA
RegisterClassA
ShowWindow
GetClassInfoExA
GetDC
IsIconic
InvalidateRect
ValidateRect
GetFocus
GetWindowTextLengthA
CloseWindow
ReleaseDC
GetForegroundWindow
GetWindowTextA

dsound

DirectSoundEnumerateA
GetDeviceID
DllGetClassObject
DirectSoundCreate
DllCanUnloadNow

mscms

CheckColors

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ