268ecefb37e85fadbb49455ab5af81a3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

268ecefb37e85fadbb49455ab5af81a3_JaffaCakes118
Size

142KB
MD5

268ecefb37e85fadbb49455ab5af81a3
SHA1

7a65df2935658a2afa01f427cdd20b1b6123da6b
SHA256

fd965d35ca0d4a7c0e2204ca56676d6566d5f3b4124f38cc6187a442fc400c4b
SHA512

5755be900547d33cbecc6446cdda0f4f7344c9e17d6ef9c8b72b3b636036b90bbda87a697586d31231c91e06b0b0cfa07e3501b726483c73edf985d48a329387
SSDEEP

1536:+f56J08AabpHN/RFnWrNpVKmRZ1m0YxNElnX/7oO3Ou5eJuZn0iJIFGS/luVWw81:W56so7nSNXPZ2xaZ5eYd1JINrw8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
268ecefb37e85fadbb49455ab5af81a3_JaffaCakes118

Files

268ecefb37e85fadbb49455ab5af81a3_JaffaCakes118
.exe windows:1 windows x86 arch:x86

2000ee5ab350dd5485204b32ff080fca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EndDeferWindowPos
LoadIconA
UpdateWindow
SendMessageTimeoutA
ChildWindowFromPoint
GetSysColorBrush
RemoveMenu
LoadStringA

msvcrt

_initterm
_wcsicoll
_XcptFilter
__p__commode
__set_app_type
_controlfp
exit
__p__fmode
_except_handler3
__getmainargs
_adjust_fdiv
_wrmdir
__setusermatherr
_acmdln
_exit
memcpy
wcscat

gdi32

Polyline
CreatePen
LineTo
GetStockObject
SetTextColor

kernel32

GetThreadContext
ExpandEnvironmentStringsA
GetEnvironmentStringsW
GetStartupInfoA
GetModuleHandleA
FileTimeToSystemTime
Module32Next

ole32

CoInitialize
CoUninitialize

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 131KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ