fe63f310842bafd3cdb18bec0f2a4656_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fe63f310842bafd3cdb18bec0f2a4656_JaffaCakes118
Size

196KB
MD5

fe63f310842bafd3cdb18bec0f2a4656
SHA1

67dec0880e1ba0efa5aef5c1526ba5a3a176e16f
SHA256

5aa6457dd05245d2238676d8eff874b8d570625fa3cddd7f03bdb414b58207de
SHA512

461137df3973b12510bfa453c4afe7619dc28f7b49398a1ba56e35fcbcb336675cdfb18011faaed1c9b37a01c301efd43cb466d862d40cb12a6d6c2b43e9b1ae
SSDEEP

3072:J0QnPVyyOFmT/LQuMUecvh4VWSQqPV8MKwCTTGW3/Ua7KdmrP9DcY:WyPs8MrWSQwT/a8FY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe63f310842bafd3cdb18bec0f2a4656_JaffaCakes118

Files

fe63f310842bafd3cdb18bec0f2a4656_JaffaCakes118
.exe windows:5 windows x86 arch:x86

57f4bb022e1b17e64faaa2b05d4c7963

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathIsDirectoryW

kernel32

GetSystemTimeAsFileTime
LocalFree
GetCPInfo
GlobalFlags
FindClose
GetModuleHandleW
GetComputerNameExW
SetSystemTimeAdjustment

comdlg32

PageSetupDlgW
GetOpenFileNameW

user32

InvalidateRgn
RedrawWindow
GetNextDlgTabItem
AdjustWindowRect
RegisterClassExA
GetCaretPos
InternalGetWindowText
SetRect
CreateCaret
GetForegroundWindow
CreateWindowExA
SetWindowLongW
DispatchMessageW
PtInRect
CopyImage
ReleaseDC

gdi32

ResizePalette
SetDIBitsToDevice
GetDeviceCaps
EnumFontsW
LineDDA
StartDocW
AddFontResourceW

comctl32

ImageList_Draw
CreatePropertySheetPageA
ImageList_Destroy
ImageList_Remove

Exports

Exports

ModifyMutexOriginal@16
SendWindowOld@12
LoadVersionOriginal@8
List@8
EnumListItemOld@12

Sections

.text
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ