34e24f9e78c7f9fa6eec0ab8f0cb8d21_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

34e24f9e78c7f9fa6eec0ab8f0cb8d21_JaffaCakes118
Size

33KB
MD5

34e24f9e78c7f9fa6eec0ab8f0cb8d21
SHA1

cdc1d822e238dd865a1c9f1fc6ada30d25279de7
SHA256

c2fa846b4b2f4581cc7fc7f68857aace4f4e6eba88ff31885ceeb860fb593e2d
SHA512

800721ff22583e866a8bfb8a6c3363b8298d2b38efeaaa2011de20e794a508b24dcc875ac25dde6bc09160b8815c5920ab122183ea1c764bf589c91c71c1a69c
SSDEEP

768:73YoEFIHCaXF7HtKfx0XJfZ3D/ynj31jW35VLsO3:73p1HCahwZ0ZfZ76sVLv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
34e24f9e78c7f9fa6eec0ab8f0cb8d21_JaffaCakes118

Files

34e24f9e78c7f9fa6eec0ab8f0cb8d21_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fc0fc37a2ede3d51e8460e596000b60e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FormatMessageA
GlobalAddAtomA
GetStartupInfoW
LocalUnlock
GetTapeStatus

user32

CharLowerBuffA
DdeConnectList
LoadIconA
SendIMEMessageExA
RealChildWindowFromPoint
CharPrevW
SetMenu
DeleteMenu
SetClassLongA
CopyImage
RealChildWindowFromPoint
ChildWindowFromPoint
CreateIconFromResourceEx
SetDlgItemInt
GetWindowContextHelpId

gdi32

PaintRgn
GetAspectRatioFilterEx
GetEnhMetaFileBits
EngPaint
GetCurrentObject
GdiGradientFill
FONTOBJ_cGetAllGlyphHandles
PolyPatBlt
GdiConvertDC
GdiGetDC
PlayEnhMetaFileRecord
StretchBlt
PolylineTo
Ellipse
ScaleViewportExtEx
GdiDeleteSpoolFileHandle
StartDocA
RealizePalette

Sections

CODE
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pack32
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ