261663e7a64f7a2db010f7d90364162b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

261663e7a64f7a2db010f7d90364162b_JaffaCakes118
Size

787KB
MD5

261663e7a64f7a2db010f7d90364162b
SHA1

dc394b1103a8f61d95e5c8047b5a845f1afb4edb
SHA256

94e32d82e26e428709735fbfc605da5bab6f57e86e962310696d0aec3b7a92b9
SHA512

cca44ae8c19c51501200ae62510e59e998c66d5c35fc5b4c1ef50ea25540e69a1fce6134a6571b2860d89f33e6e68aad56c3e49177beafc38973517f5da839a1
SSDEEP

24576:k6He7Us5xJ9EQiiwqNanIV3lsaqg8SFwK0WK:k6He7Us5xJ9pkKsc8SFwKQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
261663e7a64f7a2db010f7d90364162b_JaffaCakes118

Files

261663e7a64f7a2db010f7d90364162b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e0532bd12564faa1e6273fd0aa64a785

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
PulseEvent
GetEnvironmentVariableA
ReleaseMutex
HeapCreate
CreateFileA
IsBadStringPtrA
GetModuleHandleA
GetACP
GlobalUnlock
DeleteAtom
FindClose
GetTickCount
CloseHandle
ExitThread
TlsGetValue
FindResourceA
LoadLibraryA
SetLastError
CreateMutexA

user32

CheckRadioButton
DrawEdge
GetDlgItem
CallWindowProcA
GetIconInfo
CopyRect
DispatchMessageA
DrawMenuBar
FillRect
IsWindow
SetFocus
DefWindowProcW
GetDC

msasn1

ASN1BERDecBool
ASN1BERDecCheck
ASN1BEREncEoid
ASN1BERDecNull
ASN1BEREncBool

dpnet

DirectPlay8Create

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 778KB - Virtual size: 778KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ