379934a147fbf59ce2ec2de918b721f9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

379934a147fbf59ce2ec2de918b721f9_JaffaCakes118
Size

32KB
MD5

379934a147fbf59ce2ec2de918b721f9
SHA1

a422c36092eb98306a29fabd35291ca6e6e64924
SHA256

f266e326802ea9e6d738539f8fb376a2274201fca9d2dcedc09dbe9942b70ae6
SHA512

f8951639eed3f91e5b71101dc0a73e635e6eaae6b79bd21a36f77df4f97c88b7acbf3012d8a910968e66f9669ad88ad596419928a62159f7aab035c64ec0f892
SSDEEP

384:T7e8u9FssVuLF4wg/j+aykfhBwGsU+Xm:TbsM4XacB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
379934a147fbf59ce2ec2de918b721f9_JaffaCakes118

Files

379934a147fbf59ce2ec2de918b721f9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3d1f205bc133b803c4653e35287ffcee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTimeAsFileTime
IsBadReadPtr
SystemTimeToFileTime
FindResourceA
GetLastError
SizeofResource
GetWindowsDirectoryA
ReadFile
CreateFileA
VirtualAlloc
ExitProcess
LocalFree
FormatMessageA
FileTimeToSystemTime
IsDebuggerPresent
LockResource
InterlockedExchange
FileTimeToLocalFileTime
GetModuleHandleA
LoadResource

user32

GetSysColor
ScreenToClient
MessageBoxA
wsprintfA
FillRect
ReleaseDC
GetWindow
GetDC
GetParent
LoadCursorA
LoadStringA

gdi32

GetDeviceCaps
DeleteObject
DeleteDC
SetBkColor
SetTextColor
SelectObject

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ