1995d6a3beaaf4c0b2ca56383eb3e8fb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1995d6a3beaaf4c0b2ca56383eb3e8fb_JaffaCakes118
Size

164KB
MD5

1995d6a3beaaf4c0b2ca56383eb3e8fb
SHA1

5b76d3917cc52b3ecffca6a888ff9ec52e546375
SHA256

a4b1aa96ec8e113c62815250bc109a36a5c29579a044dec59b47ec888659d077
SHA512

a55f096f6afcca8f7589240bc9cb0c65867eb860ace9932cfc97236002b6b42ca833c74de635ea4a2c8f1b6c36d5ec5a6df99a576d9ea3582c0094d9248798c5
SSDEEP

3072:hMQiCd2sdeH3bjE3qdaAcXEoA9Z9irclxpa12E4kOoDHH2pIui0gE891Ydos:hM+e8lY9Z9BYBvDn2pIui9udo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1995d6a3beaaf4c0b2ca56383eb3e8fb_JaffaCakes118

Files

1995d6a3beaaf4c0b2ca56383eb3e8fb_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8f586329375baa8fc54b74b6c84ad7f9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\zpimtnqnVoyYHh\pxudjFhlndmjst\xleiTvr.pdb

Imports

user32

GetWindow
CopyAcceleratorTableW
CallWindowProcA
CheckMenuItem
InternalGetWindowText
wsprintfA
MessageBoxExW

kernel32

CreateDirectoryA
GetDateFormatA
EnterCriticalSection
LoadLibraryW
GetModuleFileNameA
GetModuleHandleA
EnumSystemLocalesA

msvcrt

_controlfp
__set_app_type
free
__p__fmode
__p__commode
_amsg_exit
_initterm
_ismbblead
atol
_XcptFilter
_exit
_cexit
__setusermatherr
__getmainargs

gdi32

TextOutA
GetClipBox
ScaleViewportExtEx
GetWindowOrgEx
GetDeviceCaps

shlwapi

ord158

Exports

Exports

?CreateDlgMessage@@YGHPAXPADK|U

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 139KB - Virtual size: 398KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE