61ae27965a63204caee895baba276865_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

61ae27965a63204caee895baba276865_JaffaCakes118
Size

47KB
MD5

61ae27965a63204caee895baba276865
SHA1

79693d7881822b2d54d67cec64350d088331ff31
SHA256

6c21f760ff68878d571f04510c6b864ae7424a671c4cc57a48d34e4f01a74495
SHA512

ca69d5adcf94627f7866082c8454aba2890c375bc928484b310a8d616af6c72605ef86d8fb8065e600d363e60e7e8aed7cb95e5ef54a7e38f3ebb96a51e5053c
SSDEEP

768:yoG4i2f7UTyiWyCUXnPzwqIYy+VM7LCuYAYqvJjBHcbWJHKNppSxgIuQaF:Ji47UFWyPPDhm/EABvJjAIqNppSFuZF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
61ae27965a63204caee895baba276865_JaffaCakes118

Files

61ae27965a63204caee895baba276865_JaffaCakes118
.exe windows:4 windows x86 arch:x86

104ac8a726755ffc89207fa848330555

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
TlsFree
TlsSetValue
GetCurrentThreadId
GetCurrentProcess
lstrcatA
GetCommandLineA
GetModuleFileNameA
FreeLibrary
GetDriveTypeW
TlsAlloc
GetSystemDefaultLangID
GetCurrentThread
GetSystemDefaultLCID
IsDBCSLeadByte
GetModuleHandleW
VirtualAlloc
TlsGetValue
GetLogicalDrives
lstrcmpA
GetACP

user32

GetFocus
GetSystemMetrics
GetWindowTextLengthA
IsWindowVisible
GetWindowTextA
GetForegroundWindow
GetClassLongA
RegisterClassA
ReleaseDC
CreateWindowExA
BeginPaint
GetWindowLongA
GetActiveWindow
UpdateWindow
GetDC
IsIconic
ShowWindow
GetWindow
GetWindowDC

gdi32

DeleteObject
GetStockObject
SetBkMode
SelectObject
GetObjectA
SetTextColor

uxtheme

EnableTheming
DrawThemeIcon
DrawThemeText
GetCurrentThemeName

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ