479d114f4e1e3fc890a633490e6bd8e9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

479d114f4e1e3fc890a633490e6bd8e9_JaffaCakes118
Size

100KB
MD5

479d114f4e1e3fc890a633490e6bd8e9
SHA1

478cd67edddf402d6a256826362ef69e3341c185
SHA256

0bb3417b5cb61f3511c5de2f8406300e67e21cfbcc4bea6fc12c5727f6f5d0bb
SHA512

a8f4d263466714eed6526b894e535a495ccc5347c89ce861b0854a37087dc6f39af15be1a1a21d243b062f0ebe5a26a95d4bcf0b0c695d04ff7494b8be4ffc26
SSDEEP

384:XINOEG1RBB0MwK0+5oNylUE11hLsDdxCFpuk4dmpG3/80//+kkN:XI66slFdsDdxvdmEUi/F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
479d114f4e1e3fc890a633490e6bd8e9_JaffaCakes118

Files

479d114f4e1e3fc890a633490e6bd8e9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

03b20c3148fac04c7f2e835ab34e2722

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DrawTextExW
GetDlgCtrlID
GetDlgItem
GetWindowPlacement
ScreenToClient

kernel32

ExitProcess
GetProcAddress
LoadLibraryA
LocalFree
VirtualProtect

Sections

.itext
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rel
Size: 702B - Virtual size: 702B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE