4cb2df6bc0a264b059f3065bf6b87fe6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4cb2df6bc0a264b059f3065bf6b87fe6_JaffaCakes118
Size

138KB
MD5

4cb2df6bc0a264b059f3065bf6b87fe6
SHA1

e36149b7c5c38c3391d3257891181491cc969af8
SHA256

1edf53a50bc586263c617259ec030d4c2db071201bbffcc35febfd80fa388a0b
SHA512

018079870fee7fb204ee4d23baf238c01eb8fa1ff9d519c0a3a1866f88489e16758a2b12c6564b90d5a2d11454e1964bb85e75ba6d88428e298a31fe6fef664d
SSDEEP

3072:e5isnPuqgqb9lSqW/5UtM/0PklGZx/q2R5DBzo4t2fnrjmqFwc3OM+Uo:S7f4OtM/0PkYSK5i4tymqFdel

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4cb2df6bc0a264b059f3065bf6b87fe6_JaffaCakes118

Files

4cb2df6bc0a264b059f3065bf6b87fe6_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f32433f3ac5d4e573c1c9cf6c989c491

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

X:\XjPqqqvq\fsbykv\cinonpnB\xmkdl.pdb

Imports

shlwapi

StrToIntA

msvcrt

wcstoul
putc
printf
vswprintf
wcstol

user32

RegisterClassW
IsCharAlphaNumericW
EnableWindow
ReleaseDC
GetWindowDC
GetIconInfo
OpenWindowStationA
HiliteMenuItem
GetMenuItemID
SendMessageA
GetWindow
GetWindowPlacement
DrawEdge

gdi32

GetTextFaceW
CreatePenIndirect
LineTo
CreateDIBitmap
Polygon

kernel32

EnumResourceNamesA
FindNextFileA
GetLongPathNameW
WaitCommEvent
MoveFileExW

comctl32

ImageList_Write
ImageList_Destroy
CreatePropertySheetPageW

Exports

Exports

?GetModuleHandleA@@YGXPAD@Z

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 134KB - Virtual size: 446KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 692B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ