276fa28d91dac6e24b7dd361d5ba9576_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

276fa28d91dac6e24b7dd361d5ba9576_JaffaCakes118
Size

322KB
MD5

276fa28d91dac6e24b7dd361d5ba9576
SHA1

f75625c57af923dfedac3cba8c847c6c1ecd7926
SHA256

c5899378368d0330c6ee28c34cb2aa48246203f11302ed24fa4595afecf20c83
SHA512

b0f97cda9e5566a68ee555a91ab80801dcabcdc562e04162abf74812cb0b68ed30902699be7f02cf475d5ee04305e8335a2b87d8c7fdc100039c4aa68c107665
SSDEEP

384:yRTDQ5iTtkBIX6adeMYW0gfqiqEtsBSYxtpe5h//uAY:yRnQ5OLX6adeA0lysBS0e5h+L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
276fa28d91dac6e24b7dd361d5ba9576_JaffaCakes118

Files

276fa28d91dac6e24b7dd361d5ba9576_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a2033f3373f9e4a731b4c16e213d3748

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiA
HeapFree
HeapAlloc
GetLastError
SetFileAttributesA
lstrcpyA
lstrcpyW
GetProcessHeap
GetSystemInfo
Sleep
VirtualAlloc
lstrcatA
SetLastError
SleepEx
GetLocalTime
LocalFree
LocalAlloc
GetModuleHandleA
GetEnvironmentStrings
GetProcAddress
VirtualFree
GetSystemTime
lstrlenA
GetTickCount
GetFileAttributesA
GetWindowsDirectoryA
lstrcmpA
DeleteFileA

shlwapi

StrToIntA
StrStrA
StrStrIA
StrCmpW
StrCmpNW
StrChrA

user32

GetDlgItemTextA
SetDlgItemTextA
CharUpperW
CheckDlgButton
CharUpperA
SetFocus
GetDlgItem
SetDlgItemInt
LoadStringA
GetDlgItemInt
EndDialog
EnableWindow
IsDlgButtonChecked
SendMessageA

Sections

.text
Size: 306KB - Virtual size: 306KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 608B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ