616081d9fbeaab990d5654dafa7f7d04_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

616081d9fbeaab990d5654dafa7f7d04_JaffaCakes118
Size

99KB
MD5

616081d9fbeaab990d5654dafa7f7d04
SHA1

d2f302d9d45bab421f8d980f1c997b5771e82954
SHA256

c97fbcfa9c86774fbb5211b0638ec08252b775c88bf7b9e8b2b95144ff8189e8
SHA512

08ed89d21a4d0b5899b4a6d07dfb5b75aa295e140a30e90eefbce82a583ffaae83f988b239a3f632d30dad82191aaa283bb4a3c6c9486de3f199f6355700a1c1
SSDEEP

1536:cLhBUzKqLtwsY7gJg3Msp48CPyyGuG6KmME7BbfUUEOUXf1sBrA0ieXhes4xKDCt:cLhemqpwuJ4Moi6y9ZM2rEztsZAR/KU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
616081d9fbeaab990d5654dafa7f7d04_JaffaCakes118

Files

616081d9fbeaab990d5654dafa7f7d04_JaffaCakes118
.exe windows:4 windows x86 arch:x86

016699462c3f35e610f228d606a33a65

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointer
LCMapStringA
GetStartupInfoA
GetStringTypeA
SetHandleCount
GetStdHandle
lstrcatA
GetStringTypeW
GetCPInfo
WriteFile
GetCommandLineA
GetCurrentProcess
MultiByteToWideChar
GetACP
LCMapStringW
GetModuleFileNameA
GetFileType
TerminateProcess
lstrcpyA
lstrcpynW
GetOEMCP
CreateFileA
lstrcpynA
GetVersion

user32

DialogBoxParamW
GetDlgItem
GetFocus
CloseWindow
CopyImage
DrawIcon
GetWindowTextA
GetDC
GetMenu
IsWindow
DrawIconEx
EndDialog
CopyIcon
GetWindowTextLengthA
LoadCursorA
DrawTextW
InsertMenuA
CreateIcon
LoadMenuA
CopyRect
DialogBoxParamA
GetCursor
DrawTextA

comctl32

ImageList_GetIconSize
ImageList_EndDrag
InitCommonControls
CreateStatusWindow
ImageList_DragEnter
DrawStatusText
ImageList_Draw
ImageList_LoadImageA
ImageList_AddIcon
ImageList_DrawEx
ImageList_Copy

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 89KB - Virtual size: 16.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ