0d3febbaf505c401b690fe4724d3921f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0d3febbaf505c401b690fe4724d3921f_JaffaCakes118
Size

367KB
MD5

0d3febbaf505c401b690fe4724d3921f
SHA1

e3b471bc6cb6d757279c0fee15fa14bbe468191b
SHA256

8bc533302e6f850a48c7f7f90d3f991827aa47524f49207d3ff8ff66b60c851f
SHA512

3efda2c880108be92f95bd8de8f3e0639a5c67e42cce7c6b0b51c247b8e4002e93313250031f141e24946215c77ab2940b43d928becc6f89b40a6ebeda318306
SSDEEP

6144:Y1oyIkjbkUqurPTISDArqb4mzwpem1s1ddYzyr0j8rvVYC/INX/JynYFBSyUXy7W:9yIkjvq0KWbtMp/mddYz98rNqPkn2PoB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d3febbaf505c401b690fe4724d3921f_JaffaCakes118

Files

0d3febbaf505c401b690fe4724d3921f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d8d82fad794b43116dc551ae1cb47e10

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ExtractIconA

gdi32

PathToRegion
PolyBezier
SetMiterLimit
GetNearestColor
ExtCreatePen
ScaleViewportExtEx
GetWorldTransform
ModifyWorldTransform
MaskBlt
Polyline
GetStretchBltMode

comctl32

ord2

kernel32

FlushFileBuffers
Sleep
SetCurrentDirectoryA
LoadLibraryA
GetCurrentDirectoryA
GetModuleHandleA
GetProcAddress
GetStdHandle
ReadConsoleOutputA

user32

DlgDirSelectExA
DrawTextA
PtInRect
MessageBoxA
SendDlgItemMessageA
MapDialogRect
GetListBoxInfo

msvcrt

_c_exit
_exit
_XcptFilter
_cexit
exit
__winitenv
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_except_handler3

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.udata
Size: - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ