23cfa324c3ff4fa28c72b55b36a212b6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

23cfa324c3ff4fa28c72b55b36a212b6_JaffaCakes118
Size

451KB
MD5

23cfa324c3ff4fa28c72b55b36a212b6
SHA1

c02b222455def3eb2a59c4650eac07eb2332b272
SHA256

3e65c956e743d07b68fd181ad85876d752cd82c1a1b925a8ce41a2ce91ac6df1
SHA512

cad4f92c3c2772c2a19d1a3abc634af993208d492b36b7f44d8d66454858d4c4ecea5c159aba5580e26990d695b43d1793430356ea8ed9de274b7dbbd631d637
SSDEEP

6144:vkTuj+VPN1qJdPGK88YvgyvWe/WX4u3Ds1x99QcgAixuqjmsd6tsH0vn39rpVaGx:vsBVPv098V1d/+Tzs1x994DrUvNtVhr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
23cfa324c3ff4fa28c72b55b36a212b6_JaffaCakes118

Files

23cfa324c3ff4fa28c72b55b36a212b6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6dd97d2c137c5404bdee714f9f5d301d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateSolidBrush
GetDeviceCaps
SetROP2
SetTextColor
RestoreDC
SetBkColor
EndDoc
StartDocA
CreateDIBSection
SetMapMode
EndPage
DeleteObject
CreateCompatibleDC
RectInRegion

ole32

OleCreateFromDataEx
OleInitialize
OleUninitialize
OleQueryCreateFromData
OleNoteObjectVisible
OleCreateMenuDescriptor
CoTaskMemFree
OleCreateFromFileEx
CoLoadLibrary
OleSetClipboard
CoTaskMemAlloc
OleRegGetUserType
OleSave

user32

GetMessageA
LoadMenuA
GetParent
SystemParametersInfoA
GetCapture
MessageBoxA
GetClientRect
SetPropA
LoadBitmapA
EndDialog
LoadIconA
EnableMenuItem
GetWindowPlacement

kernel32

FreeEnvironmentStringsW
FormatMessageA
EnterCriticalSection
IsValidCodePage
GetStdHandle
TerminateProcess
UnhandledExceptionFilter
GetModuleFileNameA
VirtualAlloc
ReadFile
InterlockedDecrement
GetExitCodeThread
lstrcmpA
GetProcAddress
GetPriorityClass
GetCurrentThread
MultiByteToWideChar

Sections

.text
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ