4de45deb4de76db5b08dd209cbe8826f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4de45deb4de76db5b08dd209cbe8826f_JaffaCakes118
Size

112KB
MD5

4de45deb4de76db5b08dd209cbe8826f
SHA1

865df187ffe6a12b03df302018f9a9eb20536d8e
SHA256

6784e16aa566617b583ccd8daa089833d11207eb768fda910291c6abaecf57bd
SHA512

66537ef7f626e7cb99ced69a142e2e56b177f472f2977170ee6209d76c00e68a7e032d3e1ad95a05fe773170ad24ee800e1e2da3d14c4f26571da059d142c6f5
SSDEEP

1536:uNuvKdkNZvvL1zLF/rekIFypYzONfKbXaaanhnu0EoCCXIV5FOflGVSmK:u0KSnZ9jeLAp0ON+2pf+VOtGVSmK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4de45deb4de76db5b08dd209cbe8826f_JaffaCakes118

Files

4de45deb4de76db5b08dd209cbe8826f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

037bfaccdfca49de6dac7b6e9f7eba7f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WritePrivateProfileSectionW
LocalFlags
VirtualAllocEx
GetCommandLineW
ExitProcess
GetCurrentProcess
HeapCreate
OpenEventA
SetConsoleCursorMode
ClearCommError
GetBinaryTypeA
GlobalGetAtomNameA
IsBadStringPtrA

user32

SetWinEventHook
LoadBitmapA
InvalidateRect
RegisterServicesProcess
GetCursorFrameInfo
TileChildWindows
SetCaretPos
GetDialogBaseUnits
SetWindowLongA
GetWindowTextA
GetAltTabInfo
InvalidateRect

msvcrt

toupper
_snwprintf
memcpy

tapi32

lineSetAgentStateEx
lineCreateAgentSessionW
lineDrop
lineConfigDialogEdit

Exports

Exports

Xwgigcnbuuq
Xmrapjcu
ReadRkpebyva
Kmwwwehqmv
Onkhgaranj
Eknhvvfql
Nivokdve

Sections

.text
Size: 100KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 400B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ