22ed6848982052d774ab66e962dbb03b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

22ed6848982052d774ab66e962dbb03b_JaffaCakes118
Size

169KB
MD5

22ed6848982052d774ab66e962dbb03b
SHA1

df72e15a6d462b52cc8e587221d8bde3db41a53a
SHA256

8a54251657a0548f003a1abf34e3359028f0b11a76912936d14b873a8c9b91a1
SHA512

3673f3dfa988b80ed303a80cea23ed5fb7b9768b290913c989027819dcaa3dbe4bc3c1a44c09e70bd4a1a7e3a1c6af7cea3f622179c5314652533537ccf61acd
SSDEEP

3072:szR83a2XVlDECzxUoXMhbKYLFnhP1/PVL/vpaKNdClA/oJXquUjx3WRv:sl8BbDXUprl3d7oVS1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
22ed6848982052d774ab66e962dbb03b_JaffaCakes118

Files

22ed6848982052d774ab66e962dbb03b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

26bc6e8144797666354e3ec0743575fa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

CharNextW
DispatchMessageW
KillTimer
TranslateMessage
CharUpperW
GetMessageW
GetDC
wsprintfW
PostThreadMessageW
GetAncestor
SetTimer
UnregisterClassA

kernel32

OutputDebugStringW
GetTickCount
lstrcpynW
GlobalFree
GetCPInfo
CheckRemoteDebuggerPresent
GlobalAlloc
GetLastError
EnumResourceTypesW
GetACP
DeleteCriticalSection
lstrcpyW
WideCharToMultiByte
lstrlenW
InitializeCriticalSection
FindClose
MultiByteToWideChar
lstrcmpiW
lstrcpyA
LockResource
GetModuleHandleW

winspool.drv

DocumentPropertiesW

Sections

.text
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 980B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ