067628db33adbe2fe5a17c7362f39bfc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

067628db33adbe2fe5a17c7362f39bfc_JaffaCakes118
Size

131KB
MD5

067628db33adbe2fe5a17c7362f39bfc
SHA1

12a7b155d0f77b6def2f079eb1de52f01c7cc77c
SHA256

2052151039c78a94d75cbe4742e71b4613434b7f5bbec1365df73914cc789d4c
SHA512

aed38c6d8d71d7576e9802babdb43a7feacd3cb838d98a6f87ac22c5fbbb0dd4042bfa987354604299ae8bad73ea5f61dfdcd1dcfee1fed0fa7bdd8838ff458e
SSDEEP

1536:2G5KxnlWQVdc9xrGu+8KvlcIVqxLehoj4J0kR4sLmv4xOjgPTo7Ypov5kqhmUD/9:2TGn9xzIPx6j41RJBt87Ypoa/UDI4cav

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
067628db33adbe2fe5a17c7362f39bfc_JaffaCakes118

Files

067628db33adbe2fe5a17c7362f39bfc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e8b3ad6b40175616e8ca3fb95039dc64

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
FileTimeToLocalFileTime
FlushFileBuffers
GetCommandLineA
GetFileAttributesW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
IsDebuggerPresent
LoadLibraryA
SetThreadPriority
VirtualAlloc
VirtualFree

user32

GetCursorPos
KillTimer
LoadBitmapA
LoadIconA
MapWindowPoints
SendMessageA
SetForegroundWindow
SetWindowLongA
SetWindowTextA

gdi32

CreateBitmap
CreateBrushIndirect
ExcludeClipRect
Rectangle
SetROP2
SetViewportExtEx
UnrealizeObject

shell32

CommandLineToArgvW
DragQueryFile
DragQueryFileW
DragQueryPoint
ExtractIconA
ExtractIconW
SHAddToRecentDocs
SHCreateDirectoryExA
SHGetDesktopFolder
SHGetDiskFreeSpaceExW
SHGetFileInfoW
SHGetFolderPathA
SHGetPathFromIDList
SHGetSpecialFolderLocation

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ