Static task
static1
Behavioral task
behavioral1
Sample
256637bcbf0deac06623689db831a54f_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
256637bcbf0deac06623689db831a54f_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
-
Target
256637bcbf0deac06623689db831a54f_JaffaCakes118
-
Size
224KB
-
MD5
256637bcbf0deac06623689db831a54f
-
SHA1
0ba1dc356c78f6a184f01c92bff943759e71113e
-
SHA256
3888d4d963278a027d52a0a315863b27c8bd9487637e230ac1350c3158566ba4
-
SHA512
96989f6a9fa156fc62db8ddf31b81a17a41c2aad37bba60a9d76ee3623894d83bcd27dd06f58cac20c76005aa9f67a0a03e9f08fa6c84eae6e048a5534fbcacb
-
SSDEEP
6144:XMjEhhvVAKjTMYOdyybGr0B4KrYZ3VF6t:XM447dyyC0B4P3n2
Malware Config
Signatures
-
Unsigned PE 1 IoCs
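Checks for a missing Authenticode signature; the resource listed below has none. An unsigned PE is a weak indicator on its own, since many legitimate programs are also unsigned.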
resource 256637bcbf0deac06623689db831a54f_JaffaCakes118
Files
-
256637bcbf0deac06623689db831a54f_JaffaCakes118.exe windows:4 windows x86 arch:x86
1c22163d220a21f25220814aa22d9f63
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetStartupInfoA
GetModuleHandleA
LoadLibraryA
user32
DrawTextW
MoveWindow
GetWindowRect
EnableWindow
CreateWindowExA
DestroyWindow
DefWindowProcA
GetWindowTextW
gdi32
CreateDCA
CreateSolidBrush
BitBlt
msvcrt
_initterm
_controlfp
_except_handler3
__set_app_type
strcmp
_exit
__p__fmode
exit
_acmdln
__getmainargs
_XcptFilter
__setusermatherr
_adjust_fdiv
__p__commode
Sections
.text Size: 84KB - Virtual size: 82KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 836B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 120KB - Virtual size: 118KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ