59b78dbc0cdd97ea12ac4d49b75f5d44_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

59b78dbc0cdd97ea12ac4d49b75f5d44_JaffaCakes118
Size

429KB
MD5

59b78dbc0cdd97ea12ac4d49b75f5d44
SHA1

1df35ded8c79ddf238ce84ff5996d9aca31c4e2b
SHA256

c2b0af7b5441ab0fda5cf1d252af16ec5e98a5005164a9dc73829ee782bdf41d
SHA512

fc62ec70edb3b0390eb7755f51ccd746d257d75b24b2e80084666c3fe1dd26b7f28fad6f8db4f4721ed56018e912809897405bae64153ef9e1ac69a74e9215bd
SSDEEP

6144:R6po/2+cb1sOjZwfB+IX90X9x5whIFhAahadIE5lKZGzQeMTDcMz9H5QDvEW3hPz:Ap4Hchs/QgoKUwIE5MaQTTD7nIxPpp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
59b78dbc0cdd97ea12ac4d49b75f5d44_JaffaCakes118

Files

59b78dbc0cdd97ea12ac4d49b75f5d44_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f0d6c759db03e4fdb4224d6363a21a8a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetACP
FindClose
GlobalLock
VirtualProtectEx
GlobalUnlock
lstrlenA
GetLastError
CreateEventA
OpenMutexA
LoadLibraryExW
FreeEnvironmentStringsA
IsBadReadPtr
GetStdHandle
OpenMutexA
CloseHandle
ResumeThread
LocalFree
GetSystemTime
FreeConsole

user32

EndDialog
ClipCursor
GetComboBoxInfo
IsMenu
DialogBoxParamA
GetMessageA
GetSubMenu
SetFocus
LoadCursorA
GetDlgItemTextA
IsIconic
GetMessageA
CreateWindowExA
MessageBoxA

msasn1

ASN1BEREncOpenType
ASN1DecAlloc
ASN1BEREncNull
ASN1BERDecBool
ASN1BERDecCheck

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ