Static task
static1
Behavioral task
behavioral1
Sample
267f79a9f2295d968bbe37cb3940113d_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
267f79a9f2295d968bbe37cb3940113d_JaffaCakes118.exe
Resource
win10v2004-20240704-en
General
Target
267f79a9f2295d968bbe37cb3940113d_JaffaCakes118
Size
699KB
MD5
267f79a9f2295d968bbe37cb3940113d
SHA1
23fffc8610f96895d68bab38781749234d3d78a5
SHA256
c3bfe47b41e3a5b63c8d9ff75d947871260c8d0972ffc81d6da0c8bd85b4df35
SHA512
f7a82b87368698d8bc6bc9d7d2fc6578f334cbbe41faf386e106209b8fadb35405606abdcfbe06b0301d9f50e81247fe74b9b8ce26ac1e718047155fa5b26c0f
SSDEEP
12288:ep7UByqRKdZppFN7AqDcGECKeEIh3DdqcZ4KVkUU:aUXoRfSGzEa3gc
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 267f79a9f2295d968bbe37cb3940113d_JaffaCakes118
Files
267f79a9f2295d968bbe37cb3940113d_JaffaCakes118.exe windows:4 windows x86 arch:x86
01cb48c1a47165d6bfffb34648154aa1
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcAddress
LoadLibraryA
GetVersion
LocalFree
GlobalFree
CloseHandle
GetLastError
gdi32
GetBkColor
CreateSolidBrush
PatBlt
ExtTextOutA
CreateCompatibleDC
GetStockObject
GetTextColor
GetObjectA
CreateFontIndirectA
DeleteObject
MoveToEx
SelectObject
BitBlt
SetPixel
user32
BeginPaint
DestroyWindow
CreateWindowExA
GetMessageA
EndPaint
DispatchMessageA
ScreenToClient
ShowWindow
LoadIconA
DialogBoxParamA
PostQuitMessage
GetSysColor
TranslateMessage
Sections
.text Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 692KB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ