24a4e181c955f28f7cfe61539d29316d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

24a4e181c955f28f7cfe61539d29316d_JaffaCakes118
Size

56KB
MD5

24a4e181c955f28f7cfe61539d29316d
SHA1

87efc9cd17555d74929a53af5034cb2ac130936e
SHA256

9b8f9279b289bfecd89d4511378825f68050626b45ca4118d2ca61e22fc8f7bb
SHA512

b846ec229462f4f8141bb80d6d383be406c2bd5ad78f198e0f7609e1483ed5f7f1567dbe0b155585c902e0c60fde7a4d9f1eb505e8280ee255cd9a40246fb465
SSDEEP

768:1TLKjpHq5JESrY0WzM30GjyCwJRoe8V3OxrOlozHnJki+ZlNkGOhqdJT:1TGVmeiWzMF4RYOxrOIHnJk5NkGjdN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24a4e181c955f28f7cfe61539d29316d_JaffaCakes118

Files

24a4e181c955f28f7cfe61539d29316d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

233d43c85d3e6d8c909589d1c7274413

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetCursor
LoadImageA
GetMessageA
DrawTextA

kernel32

SetEndOfFile
lstrcmpA
WriteFile
VirtualAlloc
TlsSetValue
EnterCriticalSection
EnumResourceLanguagesA
EnumResourceNamesA
GetModuleHandleA
GetStartupInfoA
LoadLibraryA
Sleep

ole32

CoInitializeSecurity
OleCreateLink
WriteClassStg
CoGetCurrentProcess

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

code
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE