216a127a7088bb819083cfe10949abff_JaffaCakes118 | Triage

Sharing

General

Target

216a127a7088bb819083cfe10949abff_JaffaCakes118
Size

14KB
MD5

216a127a7088bb819083cfe10949abff
SHA1

d9bac9cf628d518cb128153b00d7820791294851
SHA256

fa34eee0263b444769bb6bde40d959686e65d61f446938e2c85cdfd45de20847
SHA512

28afbeaed2ad44e1b9f9bd0c47103f114021864e3f0e975cfe51db3afde938e7a1307a142ea68554b7820adb77dfa466432c6087b970c78a7a86587e9e6b113e
SSDEEP

96:eN/w2q0bGKAtdCms0xoZGlwjwVpj9nN8GhTyX2gISrLSrtxi2OKbeiHAy:eFqiG5thd+AN8GhTyXr2OKbeigy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
216a127a7088bb819083cfe10949abff_JaffaCakes118

Files

216a127a7088bb819083cfe10949abff_JaffaCakes118
.exe windows:1 windows x86 arch:x86

de24e827856028ec1de42d3afb99cd18

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
GetCurrentDirectoryA
GetFileSize
GetModuleHandleA
CloseHandle
MapViewOfFile
CreateFileA
CreateFileMappingA
RtlUnwind
SetEndOfFile
SetFilePointer
UnmapViewOfFile

user32

DialogBoxParamA
EndDialog
DefDlgProcA
SetDlgItemTextA
GetDlgItemTextA
GetActiveWindow
LoadCursorA
RegisterClassA
MessageBoxA

comdlg32

GetFileTitleA
GetOpenFileNameA

crtdll

__GetMainArgs
exit
fclose
feof
fgetc
fopen
fputc
free
fseek
ftell
fwrite
memset
raise
signal
strcat
strchr
strcmp

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE