1c4c42c385eb07c76c5ba7ad55ad4fe3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1c4c42c385eb07c76c5ba7ad55ad4fe3_JaffaCakes118
Size

954KB
MD5

1c4c42c385eb07c76c5ba7ad55ad4fe3
SHA1

6c44670ade60d526118f40326bf0e705ab090299
SHA256

1b34b6a397501f2f23a5d49cec56668ad2ee0b166665027fcfbfb6acff86ca52
SHA512

0975e866ec702f980cce450bd73bc41c5ac5eca0f9ca58b23a2a604a4e6e85bc434971ceaf161531f85cf25ebe4dc5c44218603a95d6721aa3f6bf414b5e8faa
SSDEEP

24576://eKg5QxGX5AGpjff3VJ/4pu8QLdTPwnHHdJMe:/2RQI5AGpjff3VJ/4pu8QLFPgd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c4c42c385eb07c76c5ba7ad55ad4fe3_JaffaCakes118

Files

1c4c42c385eb07c76c5ba7ad55ad4fe3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

24fd44f41a1952874118fe2dfd791985

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
SetThreadPriority
HeapAlloc
HeapCreate
HeapDestroy
Sleep
CloseHandle
ReadFile
SetFilePointer
FindResourceA
LoadResource
SizeofResource
WaitForSingleObject
GetModuleHandleA
CreateFileA
ExitProcess

user32

SetDlgItemTextA
EndDialog
wsprintfA
GetDlgItemTextA
SendMessageA
LoadIconA
SetWindowTextA
DialogBoxParamA

gdi32

CreateSolidBrush

comctl32

ord17

winmm

waveOutUnprepareHeader
waveOutReset
waveOutPrepareHeader
waveOutOpen
waveOutGetPosition
waveOutClose
waveOutWrite

msvcrt

_putenv
strlen
sprintf
_timezone
malloc
memset
free
memcpy
strcat
strchr
strcpy
time

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 927KB - Virtual size: 927KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ