42c00e8fc31e1dd9cd38b4ff917a3f57_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

42c00e8fc31e1dd9cd38b4ff917a3f57_JaffaCakes118
Size

88KB
MD5

42c00e8fc31e1dd9cd38b4ff917a3f57
SHA1

2b18657109fe2e62e8a7696d2582f5218a2cdec5
SHA256

c854658c6ba7c3f3870ffb3e92d56c081c3902d00debb9d249c5f35c1802553a
SHA512

3f4682ee80ebf729181b08623d51db7717816ebe852d6538c8a03134e339fe13ed2a13c8aa624b6949a12087a7981708b9fc639bfdce1709b33db6e0c2618276
SSDEEP

1536:HB5OUAIlQuIT9chbo52y4YdtING/KGNEQ4IWuto8IwOYsDxac/6tDs:HBfAIlOT9gVAtrNWj51ot

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42c00e8fc31e1dd9cd38b4ff917a3f57_JaffaCakes118

Files

42c00e8fc31e1dd9cd38b4ff917a3f57_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bd86cc407498204aaa7e28c2242a35f2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CancelWaitableTimer
VirtualFree
CloseHandle
WaitForSingleObjectEx
SetWaitableTimer
CreateEventA
ExitThread
SetFilePointer
CreateWaitableTimerA
GetTickCount
ReadFile
VirtualQuery
SetEvent
ReleaseMutex
VirtualProtect
SuspendThread
LocalFree
ResetEvent

user32

SendMessageA
PostMessageA
ShowWindow
RegisterClassA
GetSystemMetrics
FindWindowA

comdlg32

GetFileTitleA
PrintDlgA
PrintDlgExA
FindTextA

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ