4d922c443c7edf75e57547802c51ef02_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4d922c443c7edf75e57547802c51ef02_JaffaCakes118
Size

173KB
MD5

4d922c443c7edf75e57547802c51ef02
SHA1

3053de7c059d21e5ef28c568ee0eda58b42b7051
SHA256

c938f8797bd64a417136b0b7db3f67283adcf10864c08d9e004eea68ab81793a
SHA512

7c0001be342d451a97da680f52a4853344cdbe04b3084f1f7fbf6020ab87d764f3a0572870614d0cec039834f6ba157e1a402e6c1b709ae3c2b027cf2e1313d1
SSDEEP

3072:aEdyhEIvbduiDjRakwG1z0HWUcBMEBL4R81k/fA3twnq91eUZKC0Neb/yraSHh:xMEeJuiDj8kwGl0HWUtEBLo8X3inq91n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d922c443c7edf75e57547802c51ef02_JaffaCakes118

Files

4d922c443c7edf75e57547802c51ef02_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c6d57d427b01a918ea52ab6d069acc38

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowInfo
GetUpdateRgn
CreateWindowExW
EndDialog

kernel32

PrivMoveFileIdentityW
MapViewOfFile
GetProcessId
DeleteAtom
EnumResourceTypesA
ExitProcess
CreateFileMappingA
AddAtomW
ProcessIdToSessionId

oleacc

LresultFromObject

Sections

.text
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ