488bb1dbe4a26be210651861592465ba_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

488bb1dbe4a26be210651861592465ba_JaffaCakes118
Size

45KB
MD5

488bb1dbe4a26be210651861592465ba
SHA1

412bdea3e5ea118016a31278844d20617a8363a6
SHA256

bb2d6b37344e897292f8c934513a02a8842c845d96e70501d0c7f298efe92156
SHA512

a0fa7945f981fa227146bf872e271dbd72db8e229c482e11bce2413c0149316ef896e5ff91260e7dd71296bfe92a56a81897573814a350ce8d55edeaa6947a32
SSDEEP

768:6oB0cKjLTePyhrabqzI4c0rJE5P5x6KFFZeQqt2TCXQM3iJcmP0W:HFKTeP6WG84c0rm15NRtM58Pv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
488bb1dbe4a26be210651861592465ba_JaffaCakes118

Files

488bb1dbe4a26be210651861592465ba_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a979cc68b8a6f57f7c22ddf0b0d8c2ac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetTopWindow
MessageBoxA
DialogBoxParamA
LoadIconA
ArrangeIconicWindows
CharUpperA
SetFocus
CharNextA
FlashWindow
GetSystemMetrics
RegisterWindowMessageA
ShowWindow
LoadCursorA
CreateWindowExA
UpdateWindow
SetCursorPos
CharLowerA
KillTimer
GetSysColorBrush
ShowCursor
SetWindowTextA
GetMenuItemCount
GetDesktopWindow
ReleaseDC
GetParent

kernel32

Sleep
GlobalFindAtomA
FreeLibrary
GetProcAddress
LoadLibraryA
SetLastError
lstrcatA
GlobalDeleteAtom
GetLastError
GlobalAddAtomA
CopyFileA
AllocConsole
FindResourceA
GetConsoleOutputCP
GetCommandLineA
GetConsoleCP
lstrlenA

shell32

DragFinish
ShellAboutA

gdi32

GetObjectA
GdiFlush
SelectObject
DeleteDC
DeleteObject
SetBkColor
SetTextColor
CreateCompatibleDC

ole32

CoGetCurrentProcess
CoFreeAllLibraries

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ