1802022a58eb6004a01bd74ca90e07b0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1802022a58eb6004a01bd74ca90e07b0_JaffaCakes118
Size

239KB
MD5

1802022a58eb6004a01bd74ca90e07b0
SHA1

1f284845f659a2bd16c1a6dde576d27c05fbbeeb
SHA256

9fe5e38a00ca3714c17b60d3d5ba150f193e637d69f77fbc1f6142365094d7fa
SHA512

1f2b2b7ac045111e429f0f065c6742a23a7e683df7795b9831fa70cb7613c43539275e65c3f28153ea03457d63a245da553fe5800e3261a3b867e14f06a975a6
SSDEEP

3072:Ishel/y+zsKfttI5r6IgIAmG/OCtCgUPa9Ef0zS8By+crMyww+K5iF4oq:Isk/yuVVm5mIpG9tCgQa9KqSBoOZ5oq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1802022a58eb6004a01bd74ca90e07b0_JaffaCakes118

Files

1802022a58eb6004a01bd74ca90e07b0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4b1c20833adbb2a15785bb3abe4a5d3e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetUserDefaultLCID
CloseHandle
GetCurrentDirectoryA
GetConsoleAliasA
GetLocalTime
FindClose
FindNextFileA
FindFirstFileA
EnumResourceLanguagesA
WideCharToMultiByte
ReadFile
WriteFile
SetFilePointer
GlobalHandle
IsDBCSLeadByte
GetModuleHandleA
VirtualProtect
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetProcessHeap
GetModuleHandleW
CreateProcessA
GetTempFileNameA
HeapFree
HeapAlloc
LoadLibraryW
InterlockedExchange
Sleep
InterlockedCompareExchange
GetStartupInfoA
TerminateProcess

user32

SendDlgItemMessageA
IsDialogMessageA
SetWindowTextA
GetWindowRect
GetWindowPlacement
SystemParametersInfoW
CallWindowProcA
DefWindowProcA
PtInRect
DeferWindowPos

oleaut32

DispGetIDsOfNames
DispGetIDsOfNames
SafeArraySetIID
CreateErrorInfo
SafeArrayAllocDescriptorEx
GetErrorInfo
SetErrorInfo
GetActiveObject
VariantInit
SysFreeString

comdlg32

GetFileTitleA

oledlg

OleUIBusyA

Sections

.text
Size: 139KB - Virtual size: 187KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE