471a2753f6ee7b6e470e6cb91be3f256_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

471a2753f6ee7b6e470e6cb91be3f256_JaffaCakes118
Size

393KB
MD5

471a2753f6ee7b6e470e6cb91be3f256
SHA1

60d84a498d173f704a71a1e69e15c7fb9913fc2b
SHA256

239c6008dacac7d763a3029de01112041d636ff40664a6563e4d6fe2552faf47
SHA512

e236c6f6ec3247d326e1d67be8ef6d4a006f200cf6d699909d3b71fcc07abc5df857dddddf9f7feb9bbc02df2e1bdefe90bc08fa0017b2f622e04c2e158ded92
SSDEEP

6144:fR3xg7dUShNmPhlen1GJw9B1uqY1dZHhptjYUxevM79lWzuDRsxyYZvy0TDjM79i:Zhg7dUmmLen1G6Lkjr7plWzuDRsVqtG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
471a2753f6ee7b6e470e6cb91be3f256_JaffaCakes118

Files

471a2753f6ee7b6e470e6cb91be3f256_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0d64b64e7e68a806b948bea3f0a69ce7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForMultipleObjects
LocalFree
GetCalendarInfoA
CreateFileMappingA
TlsGetValue
GlobalUnlock
GetModuleHandleA
FreeEnvironmentStringsA
CloseHandle
FindClose
GetConsoleCP
GetACP
GetConsoleAliasA
LoadLibraryExA
Sleep
GetLastError
CreateFileA
LocalLock
FindAtomA
HeapCreate

user32

CallWindowProcA
GetIconInfo
DrawTextA
GetDC
SetFocus
DispatchMessageA
DrawEdge
DefWindowProcA
IsWindow
CheckRadioButton
GetDlgItem
CascadeWindows
FillRect
MessageBoxA

setupapi

CM_Add_IDA
SetupCloseLog
CMP_Report_LogOn
CM_Add_Range
SetupCloseInfFile

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ