1c377a54de5428a14e13260d924d450f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1c377a54de5428a14e13260d924d450f_JaffaCakes118
Size

88KB
MD5

1c377a54de5428a14e13260d924d450f
SHA1

12f2f6633b36e22b0563e9b6bae67de2a195a02f
SHA256

aaff598948e15e3bac8f6f7feadf5028dd7e0849b56e5d503730355f35536644
SHA512

144dab8d5dd7c3c8d1c05cc51ca340d3e050406a269fada3a1b63749c1c4a1f7e3a8bbf17a5a72e9fa0c4c2c7dbe40f0a779f77f97ba31b047d9a4e39d5a3826
SSDEEP

1536:PUex2wXwZJQrHlInSjVhjg9lmLcXURrQ8p1dF1OWQJJe1zWZzu1eXtclwH:VwwXFjlInwVhQgqUZQ8RnOhJcWNo/l4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c377a54de5428a14e13260d924d450f_JaffaCakes118

Files

1c377a54de5428a14e13260d924d450f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

00c8f398d1481d6937cf46b922d0b344

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventA
CloseHandle
ExitProcess
GetCommandLineA
VirtualAlloc
GetProcessId
GetSystemInfo
GetModuleHandleA
SetEvent

user32

GetForegroundWindow
GetDC
CreateWindowExA
ReleaseDC
SetWindowPos
SendMessageA
ModifyMenuA
SetScrollInfo
FindWindowA
DestroyMenu
SetWindowTextA
ShowWindow
LoadAcceleratorsA
TranslateAcceleratorA
SetScrollPos
MessageBoxA
TranslateMessage
CreateMenu
DrawTextA
GetMessageA
DestroyWindow
InvalidateRect

gdi32

TextOutA

Exports

Exports

?GetAdkjgdkghdlk@@YGPAXXZ
?GetFJkgrgd@@YGPAXXZ
?GetJKLgjfdlkjgkfdlgjd@@YGPAXXZ
?GetOkfdjgfdghfd@@YGPAXXZ
?GetShgfkjmfjmf@@YGPAXXZ

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 288B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ