4aa7c75279e16b00d10c7ff2d906bf5f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4aa7c75279e16b00d10c7ff2d906bf5f_JaffaCakes118
Size

57KB
MD5

4aa7c75279e16b00d10c7ff2d906bf5f
SHA1

e5d37d9769624f541d08eade3375db4790606204
SHA256

b85a256cd9670f2418408a8da06881b7b01b642f76715750967f30d16d849b55
SHA512

9c35d2baaa60245f5d2ad762224d572cbfd193a27aa2cff556241bcec081ff7d69ff9b17887d2eb6c31ee6c7ea348bfa3287f7168442722c21b87934b2d7995d
SSDEEP

768:zDZp0CeD8OpbAKpIBCVNhC1mWML4P/IqikWPw0yVkUyc043dDnhZnVYJ:XZteFicV2/zZYwQA3pnXneJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4aa7c75279e16b00d10c7ff2d906bf5f_JaffaCakes118

Files

4aa7c75279e16b00d10c7ff2d906bf5f_JaffaCakes118
.exe windows:3 windows x86 arch:x86

be9517d61aaa000543c930028fddc254

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MoveFileA
SetEvent
CreateMutexA
lstrcpyn
VirtualAlloc
lstrcmpi
lstrcmp
GetAtomNameW
CreateDirectoryW
FindAtomW
Beep
GetProcessHeap
GetShortPathNameA
SystemTimeToFileTime
GetProcessHeaps
GetFileAttributesW
GetStartupInfoW
CreateFiber
lstrcmpiA
lstrcmpiW

user32

CharUpperW
CreateDialogIndirectParamA
EnableWindow
GetWindowTextLengthA
UnregisterClassW
GetWindowLongA
SetScrollPos
GetDesktopWindow
SetDlgItemInt
GetWindowRect
FindWindowW
GetTopWindow
RegisterWindowMessageA
ShowCaret
IsChild
IsWindow
DestroyCursor

gdi32

SetBkMode
CreateBrushIndirect
GetBitmapBits
CreateFontA
CreatePatternBrush

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ