279e48785cd2bd50bd5653f8d026b7f1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

279e48785cd2bd50bd5653f8d026b7f1_JaffaCakes118
Size

341KB
MD5

279e48785cd2bd50bd5653f8d026b7f1
SHA1

7d4de5a3870de368c55d5f11674be469463994c1
SHA256

be9b98aab30eacae18ede752d50b763dd9137189f3a11fb06c3fbd7ca65b7934
SHA512

f0a4e75f4f0d6ff1ccc36fffebe1b8f2179fc68a7aa51d21bd9f8b0e661896d1cc2a19a1488567335fdaace12eb5a0e0f44b036eb1d5ac840b423a623c7f02af
SSDEEP

6144:8uOMr3vBHILHB4wPN3Rm+vljNQz2BK2XVhC0uOT5IQzWkAG+/x2f2IL5YLaIaz9Y:Xr3vBoLHlN3RmmdNQhc80uE5IQzBKjIW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
279e48785cd2bd50bd5653f8d026b7f1_JaffaCakes118

Files

279e48785cd2bd50bd5653f8d026b7f1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

be3f54edd4d06798d3e2b1fe6391fe3b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
GetModuleHandleA
GlobalLock
LoadLibraryExA
CreateFileMappingA
CreateEventA
GetConsoleCP
GetLastError
GetACP
lstrlenA
FindClose
CreateMailslotA
GlobalUnlock
CreateFileA
IsBadReadPtr
FreeEnvironmentStringsA
IsDebuggerPresent
LocalFree
GetStdHandle
HeapCreate

user32

DialogBoxParamA
SetFocus
CheckMenuItem
DispatchMessageA
GetMessageA
EndDialog
GetDlgItem
GetIconInfo
IsMenu
GetDlgItemTextA
GetDC
RedrawWindow
GetListBoxInfo
DrawIconEx

uxtheme

EnableTheming
CloseThemeData
GetThemeMetric
GetThemeColor
DrawThemeIcon

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ