48f202aa7d5d7a7394c886bad4ae8ba4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

48f202aa7d5d7a7394c886bad4ae8ba4_JaffaCakes118
Size

32KB
MD5

48f202aa7d5d7a7394c886bad4ae8ba4
SHA1

267149d029a43b74ef66510ff08c1579cdf70de6
SHA256

dc671ac4887953d75a9666e4555522699b6100534065b1a681a1c8392cac31fb
SHA512

90acdd092d1cd2a8841e405ffc5867e36d246567ed30fb1fae9da24982dcfb28d3d1806db28cabdcefa55ebc0fdb9aa41921bdde67764556204998b0f23d3cdd
SSDEEP

768:IvGOs9ekmONYjBobbVYEQw8Ws8xx3oCnNcoBOHGS4B0q:9ekTUBobbVYV4sIioBKGV0q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
48f202aa7d5d7a7394c886bad4ae8ba4_JaffaCakes118

Files

48f202aa7d5d7a7394c886bad4ae8ba4_JaffaCakes118
.exe windows:3 windows x86 arch:x86

eb691b62dbc41af2bc305955557d8f1b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

NtSetDefaultUILanguage
ZwAllocateVirtualMemory
RtlIpv4StringToAddressExA

kernel32

MulDiv
FatalAppExitA
HeapCreate
Beep
CopyFileExA
CloseHandle
GetLongPathNameW
GetVersionExA
GetTempPathW
MoveFileW
FileTimeToSystemTime
WaitForSingleObject
OpenEventA
WaitForMultipleObjects
lstrcpy
GetModuleFileNameW
CreateDirectoryA
OpenEventW
GetAtomNameA
CreateSemaphoreA
DisconnectNamedPipe
ConnectNamedPipe

user32

ShowCursor
GetWindowLongW
GetWindowTextW
PostMessageA
SetCursor
SendMessageA
SetTimer
LoadCursorA

gdi32

StretchDIBits
BitBlt
CreatePatternBrush

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ