Static task
static1
Behavioral task
behavioral1
Sample
1bb5c3b9d79b85a044f5f9f888a7a884_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
1bb5c3b9d79b85a044f5f9f888a7a884_JaffaCakes118.exe
Resource
win10v2004-20240611-en
General
Target: 1bb5c3b9d79b85a044f5f9f888a7a884_JaffaCakes118
Size: 36KB
MD5: 1bb5c3b9d79b85a044f5f9f888a7a884
SHA1: f20bfb2559ccca0e8309146c7762a23ba5a76444
SHA256: ef985d5c1ffd1304b15c45abf310f485eb82e2a143b53e511dcac548c9f5f677
SHA512: d2051f4809f0dd6846fffeeae30bc3118317799b9137c61e7b7105d2676d2248dcb623dca519a6915d195ec2cb8e90c5421c114341cbc6dc0ecf3b3000f6ba68
SSDEEP: 384:AWpq96bDDhyOpK+7/wOzQmeFCuSuJkPRhprJ4Sz7e+ioyySyRyJyayzyjFCy6yyI:Q6rhv0XeQlFCuSuJCrrHe9
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1bb5c3b9d79b85a044f5f9f888a7a884_JaffaCakes118
Files
1bb5c3b9d79b85a044f5f9f888a7a884_JaffaCakes118.exe windows:4 windows x86 arch:x86
006e0af0741ac0acdaec385e5e3b175f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCurrentDirectoryA
CloseHandle
SetEndOfFile
SetFilePointer
ReadFile
GetLastError
WriteFile
GetCurrentProcess
CreateFileA
FlushFileBuffers
GetFileType
GetModuleHandleA
ExitProcess
LocalFree
FormatMessageA
VirtualAlloc
user32
CreateWindowExA
UnregisterClassA
GetActiveWindow
SetWindowTextA
GetDesktopWindow
SendMessageA
PostMessageA
PostQuitMessage
SetFocus
IsWindowVisible
EndDialog
IsWindow
DispatchMessageA
GetSystemMetrics
ShowWindow
PeekMessageA
IsWindowEnabled
MessageBoxA
wsprintfA
Sections
.text Size: 16KB - Virtual size: 14KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 954B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 844B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ