23771f217b0388b2507c74031fbc3787_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

23771f217b0388b2507c74031fbc3787_JaffaCakes118
Size

626KB
MD5

23771f217b0388b2507c74031fbc3787
SHA1

3a855b847683ae1dd5dcc32b68b6f86329e318dd
SHA256

d7d4eb981d112f36caa2a81c6bdd276c33ec08d52842df7e58d29127454c3b48
SHA512

6743d8e6576665619eaebfcbe0961d290de9acb7712f80c64a97212134bfed405f52757375b700e3e25c108198b9dee14d683d056c658c1a3862954c2f0e13e8
SSDEEP

12288:vLL/b6yMUDiPRsjSHtV6B2KnYA+bg+E2deLaBTEWLGDjIOeoEb0aA9oiwObK+:vLvbMUD3+Tk2K/+VdeLaBTDSp4bILvbL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
23771f217b0388b2507c74031fbc3787_JaffaCakes118

Files

23771f217b0388b2507c74031fbc3787_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f18a7079e0180f1698fa00f27ddc6f87

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CheckRadioButton
DispatchMessageW
GetWindowRect
LoadImageW
GetIconInfo

msvcrt

__setusermatherr

kernel32

WriteFile
Sleep
GetTickCount
EnterCriticalSection
GlobalUnlock
GetCommandLineA
GetCurrentProcessId
SleepEx
ExitProcess
VirtualProtect

gdi32

SetWindowOrgEx
GetDeviceCaps

advapi32

RegCloseKey

Sections

.text
Size: 587KB - Virtual size: 586KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 684B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 351KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ