49719552d43663cc24a19aec603d33bf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

49719552d43663cc24a19aec603d33bf_JaffaCakes118
Size

56KB
MD5

49719552d43663cc24a19aec603d33bf
SHA1

2fa2be9d646ee73ced2f124d977e4bdddae523e5
SHA256

d9a2c2ed8bd3ff3612f865b31a430abb9c31a8d5f97bec7b4b4fcd0737fbb68f
SHA512

2314df3d6fb15b070cc9d6791001de4c01f8ebfd3b9108294c436dcb34e3c32e0219a081659c3057906bf3eaebd732e08de12fe96d3c9b5ef49548ec538ccd3f
SSDEEP

1536:HbsWm4IuTxuQzOMli2B1KJ82icWNuhDkldrjKsyWlGX+s:guTxuQzOMli2B1KJ82icWNuhDklZ5yjB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49719552d43663cc24a19aec603d33bf_JaffaCakes118

Files

49719552d43663cc24a19aec603d33bf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4c4af752066bd547e24a649fffeb6b54

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnlock
CloseHandle
GetLastError
GetConsoleCP
WaitForMultipleObjects
GetACP
FreeEnvironmentStringsA
LocalLock
GetModuleHandleA
LocalFree
CreateFileMappingA
Sleep
GetCalendarInfoA
TlsGetValue
LoadLibraryExA
CreateFileA
FindAtomA
FindClose
GetConsoleAliasW
HeapCreate

user32

FillRect
GetDlgItem
GetDC
DrawEdge
IsWindow
CheckRadioButton
CopyRect
SetFocus
GetIconInfo
DefWindowProcW
DrawTextA
CallWindowProcA
DispatchMessageA
MessageBoxA

setupapi

CM_Add_Range
SetupCloseInfFile
CM_Add_IDA
SetupCloseLog
CMP_Report_LogOn

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ