21536c497878b3f2cd4ce1f3e5d46348_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

21536c497878b3f2cd4ce1f3e5d46348_JaffaCakes118
Size

213KB
MD5

21536c497878b3f2cd4ce1f3e5d46348
SHA1

00f603996fbcfad49e775760b417e7356d9bc97d
SHA256

6c353b6f211eb10f36e97e8c432727aeecb9883f6f763bcc8d213d5daa1194e6
SHA512

52c0395134ffe9495062417e176cad27fb441ada46b588370851f480fac27b3f118863ba3c4bb4f93b8b2e15772e140f0419f34344854b284a57cfc01ad29b68
SSDEEP

3072:SlPdBBo37oJX2jVriD4/GXgEhC74eQPFoxPEeCCDS4SVpVMpvdDKJK8gtc3AKU2S:YObID73hg4lPFevfDIpwvNKJiKl5M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
21536c497878b3f2cd4ce1f3e5d46348_JaffaCakes118

Files

21536c497878b3f2cd4ce1f3e5d46348_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d45bc42793fcf1cac6083cc356b599a7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileMappingA
CreateProcessA
FindFirstFileW
GetFileSize
GetSystemInfo
GetTempPathA
GetVersionExA
GetWindowsDirectoryA
LoadResource
WriteFile

gdi32

AddFontResourceA
CombineRgn
CreateDIBPatternBrushPt
CreateEnhMetaFileA
CreateICA
DeleteDC
ExcludeClipRect
GetClipBox
GetDCOrgEx
GetNearestPaletteIndex
MaskBlt
PatBlt
PolyDraw
SelectClipRgn
SetBkColor
SetDIBColorTable
SetGraphicsMode
SetMapMode
SetTextAlign
SetTextCharacterExtra
SetTextColor
SetTextJustification
SetWindowExtEx
TextOutW

user32

AdjustWindowRectEx
DrawIconEx
DrawMenuBar
EndDialog
FillRect
GetPropA
GetSysColorBrush
GetWindowThreadProcessId
InsertMenuItemA
IsWindow
LoadStringA
OffsetRect
ScrollWindow
SetActiveWindow
SetMenu
SetPropA
SetWindowPlacement
ShowOwnedPopups
ShowWindow
WinHelpA

Sections

.text
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ