151dbbc3266950cd20edb74839c40171_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

151dbbc3266950cd20edb74839c40171_JaffaCakes118
Size

271KB
MD5

151dbbc3266950cd20edb74839c40171
SHA1

e9237ddb13606d6a3286450d705446385baa9e16
SHA256

08fbff1683bf2682a52ff31d2d087521440fcd49bcc4b0d0f1935681cb18fcfc
SHA512

ca50f5fc6fdad1bea6b1942c9d7b57c201eb99c65a4c43c7e2e8d29c89bf279ddb8926e430d85faac512f68b123885d01217b819037517b59fc54a81a9f2d757
SSDEEP

6144:cR2syn2vt6PZ4kNhkX9oQJ6uQNix5qeakqTO97juIb0Vq:S2F5kvJi9S97oU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
151dbbc3266950cd20edb74839c40171_JaffaCakes118

Files

151dbbc3266950cd20edb74839c40171_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3e45399b29cad53f488cdce4458eddcc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateEventA
CreateMutexA
CreateThread
EnterCriticalSection
ExitThread
GetModuleHandleA
GetProcessHeap
GetThreadPriority
GetTickCount
GlobalAlloc
GlobalFree
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
ResumeThread
SetEvent
SetThreadPriority
Sleep
TerminateProcess
WaitForSingleObject
WriteConsoleA
lstrlenA

user32

CheckDlgButton
GetClassNameW
GetMenuState
IntersectRect
InvalidateRect
IsZoomed
SetMenuDefaultItem
SetWindowTextW
UnionRect
UpdateWindow

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 926B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 256KB - Virtual size: 259KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ