000220ee5640d28068e7acab97ad179e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

000220ee5640d28068e7acab97ad179e_JaffaCakes118
Size

244KB
MD5

000220ee5640d28068e7acab97ad179e
SHA1

6cd7b3b4a4c84fd299f03fd12757e48e5cc2269c
SHA256

7baca00950a8c735f9c6e691f8afe6f1da2de8d60c1d279d02518a757b5b137d
SHA512

720638889f62d089b51ffe4943423e8a64eb396299736a93505f878e0a9398ea21a6a414975cd2638fc35a2f940c819fe3d7257349c211e7ac4e285495f2090f
SSDEEP

6144:qLuSoEURaT/d6kM6+pyRM4jTd6mbqv6rV7sFH:qCzEGahLMlpyRMqTgQqSR4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
000220ee5640d28068e7acab97ad179e_JaffaCakes118

Files

000220ee5640d28068e7acab97ad179e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

33568fec40260d8b6839941c0f4fba26

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointer
CreateThread
FatalAppExitW
SetErrorMode
FlushViewOfFile
HeapCreate
BuildCommDCBAndTimeoutsW
SetProcessAffinityMask
QueryDosDeviceW
SetConsoleMode

user32

GetWindowRect
UnloadKeyboardLayout
CharToOemW
IsWindow
EnumPropsExA
CreateAcceleratorTableA
InflateRect
GetMenuItemInfoW
OpenWindowStationA
CreateIconFromResourceEx
IsChild
ScrollDC

gdi32

BeginPath
PtInRegion
WidenPath
EnumFontFamiliesW

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 812B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 172KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data0
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE