0d942911754190a409344e80c39f64e9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0d942911754190a409344e80c39f64e9_JaffaCakes118
Size

815KB
MD5

0d942911754190a409344e80c39f64e9
SHA1

35fe5bd89b83f1718f9cc3b07e0c6f68b74af0bd
SHA256

fc0bc3819f955521fe7355db8e409134c75ddd6ec9a3713874d54b05b5ecd991
SHA512

2f3206844dafee41769a366f35c96b73edbd02bf439f18085f28bee3639c1d58544830d49af5934010dcaa32f8ae9012b40ee5a667999367a5c59f63c54c46f3
SSDEEP

24576:paGTUDaQXKEiWQyeIsijnVi4lZILqIKI9mFlDc:paGTQaesMPTILqIN9oA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d942911754190a409344e80c39f64e9_JaffaCakes118

Files

0d942911754190a409344e80c39f64e9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b3434046a177eb92be2a12cb120b78ff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFree
FindAtomA
FreeEnvironmentStringsA
CreateFileMappingA
GetLastError
CreateMutexA
HeapCreate
GetACP
GlobalLock
Sleep
TlsGetValue
GetModuleHandleA
CreateFileA
LoadLibraryExW
GlobalUnlock
lstrlenA
FindClose
SetupComm
CloseHandle
ExitProcess

user32

IsWindow
DefWindowProcW
CheckRadioButton
CopyRect
GetIconInfo
GetFocus
FillRect
DispatchMessageA
GetDC
GetDlgItem
DrawEdge
DrawMenuBar
CallWindowProcA
MessageBoxA

uxtheme

DrawThemeIcon
DrawThemeText
GetThemeRect
GetThemeSysInt
DrawThemeEdge

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ