19dd8495c30e941f543dcf5d853a7795_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

19dd8495c30e941f543dcf5d853a7795_JaffaCakes118
Size

295KB
MD5

19dd8495c30e941f543dcf5d853a7795
SHA1

d714ae9cf28e049e0c52384ee2a303f31476b6a4
SHA256

88d894f0fbd1a1530f7f1167c2dcc8673d46f0d2e8f6940ee3d7ac499924da05
SHA512

2459abbfd410b262cd71268fb1ea1885a868224ea12424c73e7483bed9f190c789ae1ff03cff2ce746e388010d42ef3702890a23ebd17f866eacb9deef1f27da
SSDEEP

6144:wy7a3oGUsO3o8fql6qAM/AV+ykqay5djOt/syu7/aMWq7:wiMuvo4vnv3bC/syA/tW6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
19dd8495c30e941f543dcf5d853a7795_JaffaCakes118

Files

19dd8495c30e941f543dcf5d853a7795_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d8f8ede83bbd4fa68d1fd7df2c6dbb39

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateEventA
CreateThread
DeleteFileA
EnterCriticalSection
ExitThread
FindClose
GetCurrentThreadId
GetLastError
GetProcessHeap
GetProfileStringA
GetSystemDirectoryA
GetTickCount
GlobalAlloc
InitializeCriticalSection
IsBadCodePtr
LeaveCriticalSection
LoadLibraryA
LocalUnlock
MultiByteToWideChar
SetCurrentDirectoryA
SetErrorMode
SetEvent
SetLastError
Sleep
WaitForSingleObject
WriteConsoleA
lstrlenA

user32

BeginPaint
EqualRect
GetSystemMetrics
GetWindowLongW
InsertMenuItemW
InvalidateRect
IsRectEmpty
IsWindowEnabled
LoadBitmapW
LoadStringW
MessageBeep
PeekMessageW
SetForegroundWindow
TranslateMessage

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 280KB - Virtual size: 282KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ