88ba80c7e97f8d3f03bd4dfebfc09668_JaffaCakes118 | Triage

Sharing

General

Target

88ba80c7e97f8d3f03bd4dfebfc09668_JaffaCakes118
Size

431KB
MD5

88ba80c7e97f8d3f03bd4dfebfc09668
SHA1

db0096c7b90fc7c68a167dd32076c1ce82a146f7
SHA256

11bbe7a9082f72b7f78b99cba61025a78e138e8393735cc9d57a4e85add2a16a
SHA512

e6c5785fa8a41587c4e12c7ff4d997bed6c267d04385e9dc8aee72974e2805a0a3ffcd67e386fe875c8da1ec911bd4786fdae192c6771dc4d646fa3943c90175
SSDEEP

6144:BQ8EaK3HpbyqPWah0MlHlHt7pIrBEowSHYvhmYJ8a4Lil3U:BQ8ETlPWm0MlFHBiE/JkLiS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
88ba80c7e97f8d3f03bd4dfebfc09668_JaffaCakes118

Files

88ba80c7e97f8d3f03bd4dfebfc09668_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c7dc375aa131591b564506c425ecf732

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

TranslateMessage
GetMessageA
RegisterClassExA
BeginPaint
LoadStringA
LoadAcceleratorsA
DrawTextA
EndPaint
PostQuitMessage
PostMessageA
DispatchMessageA
SetTimer
EndDialog
wsprintfA
DestroyWindow
SendMessageA
CreateWindowExA
ShowWindow
UpdateWindow
MessageBoxW
LockWindowUpdate
SetDlgItemTextW
SetWindowTextW
DefWindowProcA
DialogBoxParamA
MessageBeep
GetCursorPos
SetWindowLongW
LoadCursorA
ShowCaret

kernel32

ExitProcess
GetCommandLineA
HeapAlloc
GetProcessHeap
GetModuleHandleA
lstrlenA
GetCurrentDirectoryA
GetVersionExA
GetTempPathA
lstrcatA
GetCommandLineW
Sleep
OutputDebugStringA
GetLastError
lstrlenW
MapViewOfFile
GetStartupInfoA
lstrcmpW

gdi32

DeleteDC

shell32

CommandLineToArgvW

Sections

.text
Size: 286KB - Virtual size: 285KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ