2638ddb368a75c1961b321eabd348608_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2638ddb368a75c1961b321eabd348608_JaffaCakes118
Size

40KB
MD5

2638ddb368a75c1961b321eabd348608
SHA1

d7a4f0854e8073e515ab0db845e0464c802c3d15
SHA256

42c7943bbdc2ccf7c7489fd543b758bd35b95cb597ba613a99b85fbebf667687
SHA512

e6982321f7aa426a0849cb65b7a7013b7f4f3a94bc13c90d2ea33ca6c4f33355895e15592aa9b915f66071d6acd99ca40fb4cee2ba5e05cce117ab9bec6e5e64
SSDEEP

768:+FjAFP8+Xr5PaSew93zEbkBJJpK3fhqsZmSXOA0STc85hdzWL:ujKJeizaKwhUSuST3hdS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2638ddb368a75c1961b321eabd348608_JaffaCakes118

Files

2638ddb368a75c1961b321eabd348608_JaffaCakes118
.exe windows:4 windows x86 arch:x86

29abd1d38d2ea0ffaccf1ea2b300a1db

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CommConfigDialogW
ExitProcess
GetCurrentDirectoryW
GetProfileIntW
HeapDestroy
Module32First
ReadConsoleOutputCharacterA
SetCalendarInfoA
SetThreadAffinityMask
SetUnhandledExceptionFilter
TransmitCommChar
lstrcmpiA

user32

AttachThreadInput
BroadcastSystemMessageW
CharPrevA
DefMDIChildProcA
DlgDirListComboBoxW
FillRect
GetDlgCtrlID
IMPSetIMEA
IsChild
SendDlgItemMessageA
SetClassLongW
SetClassWord

gdi32

Arc
CreateDiscardableBitmap
GetMetaRgn
GetNearestColor
GetObjectA
GetTextFaceW
SetColorAdjustment

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE