4a364685fe1b9e670c9ca4cace14c47e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4a364685fe1b9e670c9ca4cace14c47e_JaffaCakes118
Size

62KB
MD5

4a364685fe1b9e670c9ca4cace14c47e
SHA1

38bb3703b7450b47d697fa3e1ed8f19288700a3b
SHA256

0532cd6c410dd4a2d7b331211b505c2d63fd5f975878327668c3b386ef4a9912
SHA512

0c0ecb172fe8452687f18ac0d5a7a6ab226b5b8acd96da24c3d1a57ceb8fa7f95cce3ef4f101c99d7eb26ba7f40e82552633d7edc28d2b20af81ff872bc2d21f
SSDEEP

1536:zBDojHvvgHNbeo9vByNobUTg9W+J01jNqKX9jp:pojvud7pyN/+J01fX9jp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a364685fe1b9e670c9ca4cace14c47e_JaffaCakes118

Files

4a364685fe1b9e670c9ca4cace14c47e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6ff1543d6d95b6dfc2ab26330fa5ba84

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ToAscii
RegisterClassW
OffsetRect
MessageBoxW
MessageBoxIndirectW
FillRect
EmptyClipboard

kernel32

InitializeCriticalSectionAndSpinCount
TlsAlloc
TerminateProcess
LoadLibraryW
HeapSize
HeapFree
WaitForSingleObject
CloseHandle
DeleteCriticalSection
ExitProcess
TlsGetValue

advapi32

RegSetValueExW
RegQueryValueExW

comdlg32

GetOpenFileNameW
GetFileTitleW

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ