38aec58f6e73fd9617721ecb8359f092_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

38aec58f6e73fd9617721ecb8359f092_JaffaCakes118
Size

133KB
MD5

38aec58f6e73fd9617721ecb8359f092
SHA1

b074ce8c5e702c0c04102c51a8f4341b5134a9f1
SHA256

1b43e21a6c4c1f26352c8884b4a8b12291e36d34299e1a66c8cfb0f6ec9d34c3
SHA512

88ff9f5fd535491cc2fe86005b2be42bc0ac2cbbfa90e9081b7105e4399bb3ca909b53426d5d8d8972dd3583c1db0f7b7606d68aaf5257fe687f62cf5ccc51d0
SSDEEP

3072:L8gg+eO7Atezf4UU9ciZj8zNSDCU3WAH/HKUkw8b7gC+gLkLe4Ztcwvu2k:JeOUteb2ciZIzOC8WAHidbsX43

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38aec58f6e73fd9617721ecb8359f092_JaffaCakes118

Files

38aec58f6e73fd9617721ecb8359f092_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8529f8747d5f661a002bec909e2e4850

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
OutputDebugStringA
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
lstrlenA
FreeConsole
WriteConsoleA
GetModuleFileNameA
CloseHandle
OutputDebugStringW
Sleep

user32

SetFocus
GetSysColor
DefWindowProcA
IsWindow
CreateMenu
CreateWindowExA
TrackPopupMenu
GetSubMenu
PostQuitMessage
MessageBoxA
GetWindowLongA
KillTimer
LoadMenuA
DialogBoxParamA
UpdateWindow
GetParent

gdi32

PolyTextOutA
RealizePalette
StretchBlt
CreateCompatibleDC
TextOutA
SelectPalette
SetBkMode
DeleteObject
SelectObject
BitBlt

comdlg32

GetSaveFileNameA

shell32

ShellExecuteA
SHGetFileInfoA

ole32

CoInitialize
CoCreateInstance

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 580B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ