471a2c8789ebf5bf22af9a651b1f0875_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

471a2c8789ebf5bf22af9a651b1f0875_JaffaCakes118
Size

159KB
MD5

471a2c8789ebf5bf22af9a651b1f0875
SHA1

5756f70c8c41b61e95fd960ed358f12daeb93d73
SHA256

871fe804bd59aae62537fe3b08789c6b9c4fa3c9a1e0cf18b6ad544191e26cbc
SHA512

5fdf608403b534a71471f6b6589b1d54522817ea995c2440b2bc900d6ec1c1be0b6ab9d26c42e528be5f40d11130d387a6e7fbaec325b28731d55c0ffbce28a0
SSDEEP

3072:Wj8CywNpn18IK8dE55l5Wo/pMwrG8uXOwmqj8ILK4qT4ETbE40nZ:Mxjn1y8e5IwK89WKf4BfZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
471a2c8789ebf5bf22af9a651b1f0875_JaffaCakes118

Files

471a2c8789ebf5bf22af9a651b1f0875_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9926a455861203f2bcf53e72fd2ae1fb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleCP
FreeEnvironmentStringsA
IsDebuggerPresent
LocalFree
CreateFileMappingA
GetACP
FindClose
GetLastError
GetCalendarInfoA
GetModuleHandleA
LocalLock
LocalUnlock
CreateFileA
WaitForSingleObject
CloseHandle
GetConsoleAliasA
HeapCreate
FindAtomA
TlsGetValue
LoadLibraryExA

user32

DefWindowProcA
DispatchMessageA
SetFocus
IsWindow
PostMessageA
CascadeWindows
GetDC
GetIconInfo
CreateDialogParamA
GetMessageA
CallWindowProcA
ScrollWindow
GetDlgItem
DrawIconEx

msasn1

ASN1BERDecCheck
ASN1BEREncLength
ASN1BERDecEoid
ASN1BEREncFlush
ASN1BERDecBool

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ