4b6317f9739b83c7f46281b2df22fdf5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4b6317f9739b83c7f46281b2df22fdf5_JaffaCakes118
Size

56KB
MD5

4b6317f9739b83c7f46281b2df22fdf5
SHA1

3b493d439161b846068485c8980e30844e1a62b6
SHA256

8f8045d6709cd967464cb2801cf9528e4b622842adba39498fe3cae7ae0441b6
SHA512

39c5dfbee1ae864a053a44b572bf1e0e64ab0aca2c12b8b39768a7ce5be89eaaa0511c842adff8ecaaae85b251f88cde1e581ca4c6aa0beef46c7daba17eae10
SSDEEP

1536:1jjwNd3NXvXtkZrlrqmlw/nH0NC0Irsw4:5qtk9lrxlwP0c0Irsw4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b6317f9739b83c7f46281b2df22fdf5_JaffaCakes118

Files

4b6317f9739b83c7f46281b2df22fdf5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a0019c9b49e7d57c3052070f31f5e600

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFullPathNameA
GetStdHandle
GlobalLock
FreeEnvironmentStringsA
CreateFileA
CreateEventA
GetACP
GetModuleHandleA
CreateFileMappingA
IsBadReadPtr
LoadLibraryExA
IsDebuggerPresent
HeapCreate
GetConsoleCP
CloseHandle
FindClose
DisconnectNamedPipe
GetLastError
LocalUnlock
LocalFree

user32

CreateDialogParamA
EmptyClipboard
DispatchMessageA
ScrollWindow
GetDlgItem
SetFocus
GetDC
DefWindowProcA
IsWindow
EndDialog
PostMessageA
GetIconInfo
GetMessageA
DrawIconEx

uxtheme

DrawThemeIcon
CloseThemeData
GetThemeMetric
EnableTheming
GetThemeColor

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ