18dc8a13173e4460d9dc8c5f076c712a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

18dc8a13173e4460d9dc8c5f076c712a_JaffaCakes118
Size

2.0MB
MD5

18dc8a13173e4460d9dc8c5f076c712a
SHA1

ab8481b2fd9792e874cee7f84ce92908b5dccec9
SHA256

f164a62389af3dac4143985e4e2df37698bc0ba23360d684981499d5226c785d
SHA512

90619e4e2784627630489e7d9cb6d65935dfe60802530c91c6214cbc6de941e5fc011b6a06fd93e9e39cbc7c689037795af01d826bcf1e78a5403329efa7d0d8
SSDEEP

12288:vmIt3M11A4pA93OxxXgq+wSP39DEBesk0sAy3b4NBhTlV8l1mNAr0zdTEyXv9hc0:vHcLoQAQUq+l1mdydeU9wmKALggtM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
18dc8a13173e4460d9dc8c5f076c712a_JaffaCakes118

Files

18dc8a13173e4460d9dc8c5f076c712a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

21fd2cfb29370bfc0313e642c04a8c71

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowLongA
GetDlgItem
LoadImageW
SetParent
GetActiveWindow
GetWindowLongW
SendMessageW

kernel32

SetUnhandledExceptionFilter
GetModuleFileNameA
DeleteCriticalSection
QueryPerformanceCounter
GetProcAddress
CreateDirectoryW
InterlockedCompareExchange
ExitProcess
lstrcmpW
UnhandledExceptionFilter
GetDiskFreeSpaceA
VirtualAlloc
ReadFile
LoadLibraryA
GetFileType

Sections

.text
Size: 810KB - Virtual size: 809KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 706KB - Virtual size: 706KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 505KB - Virtual size: 5.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ