23fba64acc60793591851fed2cdbd51f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

23fba64acc60793591851fed2cdbd51f_JaffaCakes118
Size

240KB
MD5

23fba64acc60793591851fed2cdbd51f
SHA1

1057f1d7eb3eac67a8eeb744e60337c3be1b565a
SHA256

4556342e8c23ed0811f5792a26f70cce5675a33a57c08ea14580d5b408f7f2d4
SHA512

eca40b962fcb8f0daacc77887ed7c1b6be12eef5b11535d255d83583cef2b06da032466b71403ca573a853fdd2f7bd2f5dde83160dcc8c11846e8aef44e54cf0
SSDEEP

6144:XxZabSV4FHzN7rZIIrLzWeI3K5WkKMwNx:BMSWRlKeyKbGx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
23fba64acc60793591851fed2cdbd51f_JaffaCakes118

Files

23fba64acc60793591851fed2cdbd51f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

72a0eb2d2a630188ff93d986f024f991

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetAtomNameW
GetSystemTimeAsFileTime
OutputDebugStringA
InitializeCriticalSection
CopyFileA
GlobalMemoryStatusEx
GetProcessShutdownParameters
SetSystemTime
WriteConsoleA

user32

GetCapture
ReleaseCapture
GetWindowTextA
DdeEnableCallback
GetTabbedTextExtentA
SetFocus

gdi32

PolylineTo
GetAspectRatioFilterEx
ExtEscape
GetTextColor
CreatePolygonRgn
CreateHalftonePalette

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 722B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 172KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data0
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE