42185d5481d327fe6368345e80a456a2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

42185d5481d327fe6368345e80a456a2_JaffaCakes118
Size

340KB
MD5

42185d5481d327fe6368345e80a456a2
SHA1

1fdc6981d45c16c580fa5d78c41eaf9919b8d631
SHA256

d5a998d92a84077882007fe56755e05aec2e704a5d02824dda4d897436d7b19f
SHA512

cd336d5414913fd2790b3ddc494ac5a173501590153353b183b1c69cc86efab9f675a652f8657012fb05e90ce675b992c8d72df5fb45bed583ad501ba4bd36a5
SSDEEP

6144:kixBo8AoXC3evHLoUtLjXFR74+nbimd+IjYyTvw8SQX97Ft/1S2gpxj:kixG8HHM6f74kbZd+IPSQX97j/1tg3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42185d5481d327fe6368345e80a456a2_JaffaCakes118

Files

42185d5481d327fe6368345e80a456a2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d42b05fb34cb56056e31fb9d13570971

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleCP
GlobalLock
LoadLibraryExA
GlobalUnlock
CreateFileA
LocalFree
lstrlenA
GetModuleHandleA
IsBadReadPtr
FreeEnvironmentStringsA
GetPrivateProfileIntA
FindClose
CreateEventA
HeapCreate
GetStdHandle
IsDebuggerPresent
CloseHandle
GetACP
CreateFileMappingA
GetLastError

user32

GetListBoxInfo
DispatchMessageA
DialogBoxParamA
RedrawWindow
SetFocus
GetDlgItemTextA
CheckMenuItem
GetIconInfo
EndDialog
GetDlgItem
GetMessageA
IsWindow
GetDC
DrawIconEx

uxtheme

EnableTheming
GetThemeMetric
DrawThemeIcon
CloseThemeData
GetThemeColor

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ