610b19c1cec2990d6830505a6e4f7887_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

610b19c1cec2990d6830505a6e4f7887_JaffaCakes118
Size

338KB
MD5

610b19c1cec2990d6830505a6e4f7887
SHA1

83f37c5424aa9cf80e862e79024d140794286e44
SHA256

1d07abd03994a4072c78da3fc849cedbd7e5c80aa3725379de8a5a83ce7bcb58
SHA512

2209acd39bfe05866c669a9024250ff4a1645a2f51cd6e29618c481176f3ae0bca57329adce46c18289157f7a256d6a8146c0813b91bc3c45020d71560a9be47
SSDEEP

6144:dnc64DCtD752cycYt4Tl9HSw4T2xmEKhDYfJE9kfIy4jNYoZooqwNgk:dcdK75tHYt4rj4TCxDfIyUjodk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
610b19c1cec2990d6830505a6e4f7887_JaffaCakes118

Files

610b19c1cec2990d6830505a6e4f7887_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6b2f1a2ea887d9cdcf12dae97e51a597

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedExchange
GetCommandLineA
HeapCreate
GetCurrentThread
VirtualProtect
HeapQueryInformation
HeapDestroy
LoadLibraryExA
GetTimeFormatA
GetTapeStatus
CreateIoCompletionPort
IsDebuggerPresent
GetCurrentProcessId
GetStdHandle
GetACP
GetModuleHandleA
FindClose
WaitForSingleObject
GetOEMCP
GlobalMemoryStatus
GetProcessHeap

user32

DrawTextA
ShowWindow
GetDlgItem
GetFocus
GetClassNameA
GetParent
GetWindow
wsprintfA
BeginPaint
GetCursorPos
DragDetect
GetTitleBarInfo
ReleaseDC
FrameRect
EndPaint
SetForegroundWindow
GetWindowTextLengthA
FillRect
SetActiveWindow

gdi32

GetClipBox
CreateBitmap
GetLayout
CloseFigure
CreatePalette

userenv

DeleteProfileA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 780KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ