43f1dd605decfc6c320402b10d7b27e8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

43f1dd605decfc6c320402b10d7b27e8_JaffaCakes118
Size

91KB
MD5

43f1dd605decfc6c320402b10d7b27e8
SHA1

53e0be87c81e6d17e40ff80faca647168e14ac8c
SHA256

1079fcaafc45633dcb1f2272c8c9af194a76377d8f4db63404363507d7fa09af
SHA512

5ec14d2b85fbd6a3c297585e9efb92a06963d15634277affc57dfc61bd329c6aac8266540669cef75b077ff4c022c5f488b322ff532dc565645b57ae60d8d85f
SSDEEP

1536:0wMmyER0QWw6k23G9ikdLjlKs9h+ypQMZSgSXl2Fjr3xtVZG+RSCroAC2ql:0R0Mn3G9ikJBx/Q9AlZRRSC8Afy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43f1dd605decfc6c320402b10d7b27e8_JaffaCakes118

Files

43f1dd605decfc6c320402b10d7b27e8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

25461c5b5dddaaae8f9b3bd24498e8cf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowLongA
SetWindowTextA
GetSystemMetrics
GetMessageA
EnableMenuItem
CheckMenuRadioItem
BeginPaint
EndPaint
LoadIconA
LoadCursorA
RegisterClassExA
CreateWindowExA
ShowWindow
UpdateWindow
TranslateMessage
DispatchMessageA

gdi32

PolylineTo
CreateHatchBrush
CreateSolidBrush
DeleteObject
GetBkMode
GetStockObject

ole32

CoInitialize
CoGetCurrentProcess
CoGetCancelObject
OleGetAutoConvert

oleaut32

SafeArrayAllocDescriptor
SafeArrayDestroyDescriptor

kernel32

EnterCriticalSection
GetLastError
GetFileSize
InterlockedIncrement
LeaveCriticalSection
InitializeCriticalSection
GetVersionExA
GetStartupInfoA
HeapAlloc
HeapCreate
HeapFree
GetACP
GetModuleHandleA
HeapDestroy
QueryPerformanceCounter
DeleteCriticalSection
GetCommandLineA

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE