Static task: static1
Behavioral task: behavioral1 (Sample: 29cdab593181907b56f0d404c6f56c54_JaffaCakes118.exe, Resource: win7-20240705-en)
Behavioral task: behavioral2 (Sample: 29cdab593181907b56f0d404c6f56c54_JaffaCakes118.exe, Resource: win10v2004-20240704-en)
General
Target: 29cdab593181907b56f0d404c6f56c54_JaffaCakes118
Size: 740KB
MD5: 29cdab593181907b56f0d404c6f56c54
SHA1: 6c5985cbca8d222bf8ee847ea913d0606a630772
SHA256: bac691e0e39feeab3eb64d34e8f21757c787afcef323a2cdb6af0615be6c6c03
SHA512: 9416be170dc333d6471bc5506a61ff9fd48f0d77b7d1e8a69f491eae5eaddb359e60a00683652de02adbca2cea81a4f745029eef2a4f538dc7c8110fbaeed46a
SSDEEP: 12288:STAykuj4UQXm0htzuPWXJEmtbhRjIwkqEbvpCNUEy1R3p8DUwJuI:Shk6OzuPWXJ/owkqEvsNFsuDUwJ1
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 29cdab593181907b56f0d404c6f56c54_JaffaCakes118
Files
29cdab593181907b56f0d404c6f56c54_JaffaCakes118.exe windows:4 windows x86 arch:x86
9eddf1cb2dd6da0687d1c49356e59e9d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcAddress
LoadLibraryA
GetVersion
GetFileSize
GetModuleHandleA
GetStartupInfoA
lstrlenA
LocalFree
GetLastError
GlobalAlloc
GetCommandLineA
user32
GetWindowRect
DialogBoxParamA
GetMessageA
CreateWindowExA
LoadIconA
MessageBoxA
gdi32
GetObjectA
GetTextColor
SetROP2
BitBlt
GetDeviceCaps
SetBkMode
GetTextExtentPoint32A
PatBlt
GetTextMetricsA
LineTo
ExtTextOutA
CreateFontIndirectA
SetPixel
CreateCompatibleDC
Sections
.text Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 34KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 15KB - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ