Static task
static1
Behavioral task
behavioral1
Sample
49dbc68e424e5f862d98155655c2941f_JaffaCakes118.exe
Resource
win7-20240704-en
General
Target: 49dbc68e424e5f862d98155655c2941f_JaffaCakes118
Size: 79KB
MD5: 49dbc68e424e5f862d98155655c2941f
SHA1: a38d68f7fce1cb12df53af2af3434f23d0288ae7
SHA256: 8a646e89eb2bf3b7fdfc2a8ed4e9325ebc997829c323321eb1d6e6109824e8e3
SHA512: 3d0998e5e0f2acef3bbc5b30d0d307851d595de0a10a5cb731f38b85ac6e110275339bc3956abc5cd179290af54f48feb2fc7d02515373bb696b50171e1a3ac7
SSDEEP: 1536:/7BwKffcwLvljDHw8tLqxcpw8u2PvV4rhWIpYU7rAABs1ioOATT99D2ht/g:VwKncSZwGLg6wOirLqiobTvCh+
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 49dbc68e424e5f862d98155655c2941f_JaffaCakes118
Files
49dbc68e424e5f862d98155655c2941f_JaffaCakes118.exe windows:1 windows x86 arch:x86
4de08d8bb83f5fb806e442c87785b569
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCommandLineA
GetModuleHandleA
GetSystemTime
QueryPerformanceCounter
RtlUnwind
lstrlenA
user32
CallWindowProcA
GetWindowRect
GetLastActivePopup
GetDlgItem
SetDlgItemTextA
IsDialogMessageA
LoadCursorA
GetMessageA
GetWindowLongA
SetWindowLongA
GetDesktopWindow
TranslateMessage
DispatchMessageA
GetDC
ReleaseDC
wsprintfA
SendMessageA
RegisterClassExA
PostQuitMessage
UnregisterClassA
CreateWindowExA
MoveWindow
DefWindowProcA
gdi32
GetStockObject
GetTextMetricsA
SelectObject
crtdll
__GetMainArgs
exit
memcpy
raise
signal
strchr
Sections
.text Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bss Size: - Virtual size: 44B
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 608B - Virtual size: 608B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 73KB - Virtual size: 76KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE