34d364a70aa9fdee9ef2d962ac9c7c5a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

34d364a70aa9fdee9ef2d962ac9c7c5a_JaffaCakes118
Size

699KB
MD5

34d364a70aa9fdee9ef2d962ac9c7c5a
SHA1

9d776d3430eac23c9f815b40a4c8a32c733a284f
SHA256

2565ae3b89b7f9da6a847e4d576d451352a46e136f01f8ed960c558330e18755
SHA512

5914da41e1e07d641e233a047e776433b3a985af67633b55c766b06d43bebdb0d677ed89ec6db4b964e5b20fb0d090a58e200aae487de27bec924d577130dccd
SSDEEP

12288:PqmIgWqYtVFC/WlY0YdhsfiTTM9/XHQQrTYLC3X6YS:JIgWzSwH8yX6n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
34d364a70aa9fdee9ef2d962ac9c7c5a_JaffaCakes118

Files

34d364a70aa9fdee9ef2d962ac9c7c5a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6ab52411af9282f424af15e65602b73a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
GetVersion
LocalFree
GetTickCount
CreateEventA
lstrcatA
CloseHandle
GetModuleHandleA
Sleep
lstrcpyA
LocalAlloc
GetVersionExA
GlobalFree
GetFileSize
GlobalAlloc
GetCommandLineA
GetStartupInfoA
FreeLibrary
GetLastError

user32

DispatchMessageA
EndPaint
ScreenToClient
GetMessageA
SetWindowTextA
GetFocus
GetClientRect
GetWindowRect
BeginPaint
DefWindowProcA

msvcrt

_exit
__p__fmode
rand
__getmainargs
__p__commode
memmove
exit
_c_exit
__set_app_type
_adjust_fdiv
__setusermatherr
_acmdln
wcstoul
_initterm
toupper
_controlfp

gdi32

GetObjectA
SetROP2
MoveToEx
CreateFontIndirectA
SetBkMode

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 677KB - Virtual size: 680KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 724KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ