315c1af5133114d3e83da846d78c150c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

315c1af5133114d3e83da846d78c150c_JaffaCakes118
Size

182KB
MD5

315c1af5133114d3e83da846d78c150c
SHA1

e92a451033b71b184c3856a516f00cf650e09a4b
SHA256

e56853c2b5c1d9f3ec61a1f9f208940b7f56ab79eba34f97c634860cfbfc5642
SHA512

c7b234ec8f1a9dd29dbef3ec8ac2419ec61957ad30bf4fb2dc5b42f71c207b1c53005e8a8f5d764ad53736aa2ca9dfa442ec124b458ec9536baf12fc6d6971bd
SSDEEP

3072:KbAg3pokmvFxghstR+Hp5/N+pBvOvSH6vDQ9LJsiMljdIAucoFby+1dv/DomaUPs:5kmnghse+zUv89LjWBIgMm+XzoOP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
315c1af5133114d3e83da846d78c150c_JaffaCakes118

Files

315c1af5133114d3e83da846d78c150c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a02c7a2b3af632401cc9c98d5783fece

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommState
SetThreadPriority
TransactNamedPipe
UTRegister
IsBadStringPtrW
GetCommandLineA
ExitProcess
GetStartupInfoA

user32

IsWindowVisible
BlockInput
SendMessageCallbackW
GetMessageW
UnionRect
CreateDesktopW
CreateWindowExW
MoveWindow
GetWindowWord
GetCaretBlinkTime
ShowCursor
DeviceEventWorker
UnregisterClassA
SetConsoleReserveKeys
PostMessageA

gdi32

GetGlyphIndicesW
GdiIsMetaPrintDC
AddFontResourceExA
CreatePolyPolygonRgn
SetMetaRgn
GetDIBColorTable
EnumFontFamiliesA
UnrealizeObject
SetPixelFormat

Sections

.text
Size: 5KB - Virtual size: 808KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 172KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE