4114f0e088aafb6196024de7d4c9da39_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4114f0e088aafb6196024de7d4c9da39_JaffaCakes118
Size

1.9MB
MD5

4114f0e088aafb6196024de7d4c9da39
SHA1

956fe831c219e96311a74ca0dd4b713386a7e088
SHA256

be9acfcc23e39de12affe7de86fc4df4532bf499cc7c486aa6d5aa37e8a8ca11
SHA512

cf9474b48fd1c717144eea2231f56673385e671b761a9ee0cadf7359f935af32140d24fd95da3ed32fe498740de65d373f9f8c86934a4cd20fc7d94df3dabed4
SSDEEP

24576:5Duf1uKcf9iwJ2zn1y6PlKg/PMb+Y7abeHIoaeoeV/AsVU5uKhUOw6QRNCIip/:5zKcQe2zn/1/Eb+E3Nl8PhUwfV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4114f0e088aafb6196024de7d4c9da39_JaffaCakes118

Files

4114f0e088aafb6196024de7d4c9da39_JaffaCakes118
.exe windows:5 windows x86 arch:x86

aac51bcc817ef5b6fc3c508c55b469ec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetMessagePos
IsIconic
IsWindow
GetPropA
GetWindowLongA
GetFocus
GetSysColorBrush
GetWindowDC
GetCursorPos
GetSystemMetrics
GetSysColor
GetActiveWindow
GetMenu
GetSystemMenu
GetCapture
GetDC
GetAncestor

gdi32

PolyBezier

kernel32

GetConsoleMode
SetLastError
Sleep
WaitForSingleObject
GetModuleHandleW
IsBadReadPtr
GetCurrentThreadId
GetDriveTypeW
GetModuleHandleA
GetStdHandle
GetTickCount
GetSystemTimeAsFileTime
GetCurrentProcessId
VirtualAlloc
QueryPerformanceCounter
GetFileSize
OpenMutexW
OpenMutexA
GetACP
ExitProcess
GetExitCodeProcess
IsBadWritePtr

Sections

.tls
Size: 1024B - Virtual size: 995B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.code
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 1KB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 482B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ