4232f5edb1af0b64b28cb634ece9efd7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4232f5edb1af0b64b28cb634ece9efd7_JaffaCakes118
Size

815KB
MD5

4232f5edb1af0b64b28cb634ece9efd7
SHA1

2d494af385485fb2b52c2e50a37e2b4523ad31b7
SHA256

d469107839bc9ee16d0fd29e4c1cea75611ba4cfe6ebe7fc90f74c56d020e7e1
SHA512

0e6ad354474c502c06851fb6d274f5ab8401542363fb982fb9a056493e4dc0032712698fc428d7c68c833125fc5e7cdf3bc8ec0e899e19fc888d5d80dce691b8
SSDEEP

12288:dM8QIrhh6cQIvZlV5Aj8N+cYTS3y5yBu9atD2mGFv+/StClTgQFD0DxdmuhcaZoP:SGccfZpS8+cU9ItymG4/SIlcComIIL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4232f5edb1af0b64b28cb634ece9efd7_JaffaCakes118

Files

4232f5edb1af0b64b28cb634ece9efd7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1fd4b0332b85e0d1dc1f546246937e90

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCalendarInfoA
LoadLibraryExA
FreeEnvironmentStringsA
Sleep
GetConsoleAliasW
GlobalUnlock
LocalFree
GetACP
GetModuleHandleA
HeapCreate
WaitForMultipleObjects
CloseHandle
LocalLock
GetLastError
CreateFileA
CreateFileMappingA
GetConsoleCP
FindAtomA
FindClose
TlsGetValue

user32

DrawEdge
GetDC
CopyRect
CallWindowProcA
FillRect
SetFocus
CheckRadioButton
DispatchMessageA
DrawTextA
GetIconInfo
GetDlgItem
IsWindow
DefWindowProcW
MessageBoxA

setupapi

SetupCloseLog
CMP_Report_LogOn
CM_Add_Range
SetupCloseInfFile
CM_Add_IDA

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ