47507fabe450450c2d0bc8f28fde8031_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

47507fabe450450c2d0bc8f28fde8031_JaffaCakes118
Size

456KB
MD5

47507fabe450450c2d0bc8f28fde8031
SHA1

7a7ae2a473a72e30f19ac1994a93a719bcde999b
SHA256

1189506b58caa1e822ff1aedd5714f39ccbaa0489fe3ee6ccb03d1dec6b1c312
SHA512

45a5e499cfa3206bd5a694421a7c97587ed06a2c94acad884a837e1bf3504f8719783293af678f1b397e24df46d62d2d04ba68af62bc5984400e80b618aed3c2
SSDEEP

6144:nwNesb/i8Y4kXQrpaW4FFLfoYiG6DTGHPlYsLO8n3rE5vZDVu+/YwT:CP//kAo1FToUoiHd9O8n3rWRBu+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
47507fabe450450c2d0bc8f28fde8031_JaffaCakes118

Files

47507fabe450450c2d0bc8f28fde8031_JaffaCakes118
.exe windows:4 windows x86 arch:x86

538ffd0904f65070e4e8952f819854a9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
ExitProcess
LocalReAlloc
InterlockedExchange
GetSystemDirectoryA
GetLastError
DeleteTimerQueue
GlobalLock
SetFileApisToANSI
VirtualProtect
HeapCompact
GetModuleHandleA
GetProcAddress
VirtualFree
VirtualAlloc
ReleaseMutex
GetSystemTime

user32

EndPaint
DestroyWindow
GetClientRect
IsZoomed
GetDesktopWindow
EnumThreadWindows

gdi32

CreateDIBPatternBrush
CreateBrushIndirect

advapi32

AddAce
CopySid

shell32

DuplicateIcon

ole32

CoUninitialize

msvfw32

DrawDibDraw

avifil32

EditStreamSetNameA

Sections

.text
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 320KB - Virtual size: 788KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 120KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ