41d1bcdca706338a60352d4a6c113ce3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

41d1bcdca706338a60352d4a6c113ce3_JaffaCakes118
Size

413KB
MD5

41d1bcdca706338a60352d4a6c113ce3
SHA1

0fb655dc42656283dd186e39eb0fa968e496d645
SHA256

ef01bdd8248c7cdafe0f5db1b0a7b0e29253d99ed6136d19970da3e594be5b83
SHA512

38e66554d6a21fe9baa63ac24162d4e0b4b13810cd8855e32882d50994aa6463a0278f39d1c9a283787032547f978208114679ce1e8ddd82a931c4f1724045ab
SSDEEP

6144:UGoNREtUzhIBhwrtKQeMixD10lqk3A+8sJSy91qBrXVXHMOXXNdgtCxdJS0:iW6bcOZ3AuwiqBrFpXXg0W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41d1bcdca706338a60352d4a6c113ce3_JaffaCakes118

Files

41d1bcdca706338a60352d4a6c113ce3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cc688a076a09e46c226946428a6da392

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProfileStringA
CreateMailslotA
VirtualAlloc
GetProcessHeap
GetVolumePathNameA
ExitProcess
EnterCriticalSection
GlobalFlags
GlobalFree
GetTapeStatus
CloseHandle
FindAtomA
GetProfileIntA
GetStdHandle
EnumDateFormatsA
GetOEMCP
GetModuleHandleA
CreateJobSet
GetUserDefaultLangID
GlobalLock
LocalHandle

user32

ShowWindow
ReleaseDC
GetClassInfoExA
DrawEdge
GetDC
GetWindow
ValidateRect
GetFocus
RegisterClassA
GetClassNameA
IsIconic
EndPaint
BeginPaint
GetWindowTextA
GetWindowTextLengthA
CloseWindow
GetForegroundWindow
GetParent
GetActiveWindow

gdi32

CreateDCA
GetCharWidthA
GetColorSpace
ExtCreatePen
CreateDIBitmap

sxs

SxsLookupClrGuid

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ