24225140e5ead9bb6cd4f3dbba6b113f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

24225140e5ead9bb6cd4f3dbba6b113f_JaffaCakes118
Size

365KB
MD5

24225140e5ead9bb6cd4f3dbba6b113f
SHA1

840388b28e0f4d334cfbd80df5deac7ff5acb8b9
SHA256

cbd49589544a0bcd7899bae9788a5bec51a7b173c8b5d4d7b21a55a9f48238e4
SHA512

5eb97863632a49fe87ad8ef500fd01f4966d1b3d512851926f0060274ba34092122b60166d54ea00f77b9cbe99a7017c20c13f6ec480c73ce502fdde5d5ec8f6
SSDEEP

6144:Fmz+bIZrZL+TnqRTMdDVJJ8pnXunpWH3rF2dWVOfis9yMdnWFJ0htBuNhRI:kz+IZQrqRAdD+pXunQ7F2djdIJ0ht6k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24225140e5ead9bb6cd4f3dbba6b113f_JaffaCakes118

Files

24225140e5ead9bb6cd4f3dbba6b113f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0072362dbac8f4178485ed226ba99db8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
TlsGetValue
HeapCreate
CloseHandle
lstrlen
SetLastError
ReleaseMutex
PulseEvent
GetEnvironmentVariableA
FindResourceA
LoadLibraryW
GetModuleHandleA
CreateFileA
GlobalUnlock
LocalFree
TerminateThread
IsBadStringPtrW
FindClose
CreateMutexA
Sleep

user32

DefWindowProcW
SetFocus
IsWindow
DispatchMessageA
CopyRect
CheckRadioButton
GetIconInfo
DrawEdge
GetDlgItem
GetDC
DrawMenuBar
FillRect
CallWindowProcA

msasn1

ASN1BERDecBool
ASN1BERDecNull
ASN1BERDecCheck
ASN1BEREncEoid
ASN1BEREncBool

dpnet

DirectPlay8Create

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 356KB - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ