240a2d45fdcf5e263554cd41d6e365e0_JaffaCakes118 | Triage

Sharing

General

Target

240a2d45fdcf5e263554cd41d6e365e0_JaffaCakes118
Size

413KB
MD5

240a2d45fdcf5e263554cd41d6e365e0
SHA1

846975bd54e2cfedc0e8b2741eff01f68e2064bf
SHA256

06c88c5cfa33402c5ec2320c70a49b7aa3885875e41f5fb649dda0998e09bb8e
SHA512

7d998eb66c2ec7a966498f901485bdc3d4cb5a29a2889ac47d7d3c2d41f8ec871ef74c302f199c0bb1e31a51f37e1b5e1c9d252e7c06daa462f8879319b226a2
SSDEEP

6144:ZldT42n6zoBRq2U72s9BAot5glelrxX6vV2VYtUo8Od8ewWHsk:ZPz9G2o2s9+ovglxYVOUteHwwZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
240a2d45fdcf5e263554cd41d6e365e0_JaffaCakes118

Files

240a2d45fdcf5e263554cd41d6e365e0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

081da86b8e9125fdcf51e764d47d6044

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFlags
GetProcessHeap
CreateMailslotA
LocalHandle
ExitProcess
GetUserDefaultLangID
GetProfileIntA
CreateJobSet
GetStdHandle
FindAtomA
GlobalFree
VirtualAlloc
GetTapeStatus
GetOEMCP
CloseHandle
EnumDateFormatsA
GetModuleHandleA
EnterCriticalSection
GetVolumePathNameA
GetProfileStringA
GlobalLock

user32

CloseWindow
ShowWindow
GetActiveWindow
BeginPaint
GetClassInfoExA
GetWindow
GetClassNameA
GetWindowTextLengthA
GetDC
DrawEdge
GetForegroundWindow
EndPaint
GetFocus
GetWindowTextA
RegisterClassA
IsIconic
ReleaseDC
ValidateRect
GetParent

gdi32

GetCharWidthA
CreateDCA
GetColorSpace
ExtCreatePen
CreateDIBitmap

sxs

SxsLookupClrGuid

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ