4417c5dd27ed29680145bdf21f66249a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4417c5dd27ed29680145bdf21f66249a_JaffaCakes118
Size

340KB
MD5

4417c5dd27ed29680145bdf21f66249a
SHA1

d669d78e1a89e3be7ff044003168bef6ff8b5b02
SHA256

7e0b6f4f8c896d7462048967bfdc117d58d32d9ef70ee382748b412a954e73f2
SHA512

69693b259095561fc0973daa22ffba1e8f3df81ef242604088feeb94121cb1657f1f1ca7457e082f8d6c0bcfe9af74735150cbb05519104b49faa029b0801cb6
SSDEEP

6144:/SDaK9o1+dMVLxnC7pyWS9f1kdbpP2zWUej5FUWy4x2En3dMR:/SGIj4lC7pyvf1kFIA1y4xI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4417c5dd27ed29680145bdf21f66249a_JaffaCakes118

Files

4417c5dd27ed29680145bdf21f66249a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1e13a2b388c304b3415c916407aa7b6d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
LocalFree
CreateFileMappingA
IsDebuggerPresent
CloseHandle
GetPrivateProfileIntA
IsBadReadPtr
FreeEnvironmentStringsA
LoadLibraryExA
GlobalLock
GetStdHandle
GetModuleHandleA
CreateFileA
HeapCreate
lstrlenA
CreateEventA
GetACP
GetConsoleCP
FindClose
GlobalUnlock

user32

CheckMenuItem
DispatchMessageA
GetIconInfo
GetListBoxInfo
RedrawWindow
EndDialog
GetDlgItem
SetFocus
GetDlgItemTextA
IsWindow
DialogBoxParamA
GetDC
GetMessageA
DrawIconEx

uxtheme

EnableTheming
DrawThemeIcon
CloseThemeData
GetThemeMetric
GetThemeColor

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ