39b9c99df828e508f651ed5721235ff8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

39b9c99df828e508f651ed5721235ff8_JaffaCakes118
Size

55KB
MD5

39b9c99df828e508f651ed5721235ff8
SHA1

a05038f5c456902ee31650f2689e7d1a80610d34
SHA256

c4d898f1405937fda8dd87ab0e6088a4a06ce4e9d0c755f8276cdeb87efdf3ef
SHA512

46aa9b10ef1489fd60216e234d39787f0a79562227e1f600a34b13512b31cd06db68703d0f0f760bfed24ba2f52bfc5838b3cab04d54bc46672d0e009122d231
SSDEEP

768:HKtmC0inlSLYssZLtu36JPTn003njqXXiLnJXeQxb4gdzQMJjX23i:qmC0iysZ5kOTB1xeQ/dzQqj2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39b9c99df828e508f651ed5721235ff8_JaffaCakes118

Files

39b9c99df828e508f651ed5721235ff8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e96a43161a0370769d2e3d01ce43d95d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

DeleteObject

comctl32

ImageList_DragEnter
InitCommonControls
ImageList_Add
ImageList_BeginDrag
ImageList_Create
ImageList_Destroy
ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
ImageList_EndDrag

user32

SetCapture
SendMessageA
ReleaseCapture
RegisterClassExA
PostQuitMessage
LoadIconA
LoadCursorA
LoadBitmapA
GetMessageA
GetCursorPos
DispatchMessageA
DefWindowProcA
CreateWindowExA
TranslateMessage

kernel32

LoadResource
lstrcatA
WriteProcessMemory
VirtualAllocEx
Sleep
SizeofResource
SetThreadContext
RtlZeroMemory
GetThreadContext
ResumeThread
CreateProcessA
ExitProcess
FindResourceA
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
LockResource

ntdll

ZwUnmapViewOfSection

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE