42ad5d363a7d84024657e0b813248238_JaffaCakes118 | Triage

Sharing

General

Target

42ad5d363a7d84024657e0b813248238_JaffaCakes118
Size

58KB
MD5

42ad5d363a7d84024657e0b813248238
SHA1

14f2d7ef166c501dca9d2093ed42c23c636ca42c
SHA256

db5f520bdad98ba8f4304585bc8377b9a6ca7dec47252025d4eba4353c33a6eb
SHA512

f73572e51616cbb550f77a58cc93020154b5e12160ef73bca0e6ce2e06b3f74ebbeb69a3378b6e10028f602e5d2ce8a2bd68a345d098f218d64b40a0f3bb775f
SSDEEP

1536:sg22Tj0Py9iJM2X98F3vS4uWxh2dsEpY:s12TjFi62N8FCmh2dV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42ad5d363a7d84024657e0b813248238_JaffaCakes118

Files

42ad5d363a7d84024657e0b813248238_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e9b7d1dbfb2989239e9f7f2c8b8ebbd3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CompareStringA
CreateFileA
CreateFileMappingA
CreateThread
ExitProcess
FormatMessageA
GetCurrentProcessId
GetCurrentThread
GetDateFormatA
GetEnvironmentVariableA
GetLastError
GetLocaleInfoA
GetProcessHeap
GetSystemDirectoryA
GetTickCount
GetWindowsDirectoryA
InterlockedExchange
LoadLibraryA
LoadLibraryW
OpenEventA
RaiseException
SetEvent
SetFilePointer
SetLastError
Sleep
TerminateThread
WaitForSingleObject
lstrcpyA
lstrlenA

user32

BeginPaint
EnableWindow
EnumWindows
GetFocus
GetKeyState
GetWindowRect
MapWindowPoints
PostQuitMessage
RegisterWindowMessageW
SetCursorPos
SetRectEmpty
SetWindowRgn
SubtractRect
UnregisterClassW
WindowFromPoint

Sections

.text
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 416B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ