64fc32c63a22891635c6deac99ce10f4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

64fc32c63a22891635c6deac99ce10f4_JaffaCakes118
Size

98KB
MD5

64fc32c63a22891635c6deac99ce10f4
SHA1

7b2281f710567a432b8d3ef513737f08fa51214f
SHA256

2a588974b50a8be82e6e268ebdb63262ecf10cdec78161cae417418017ac12ea
SHA512

586bcab4c6eb4e80ae6eecc23879ab15486c79b03871e3bd0f0a1487e2acfd9548e655ab22a946b1b19b2183737c9f748ba5ffc9e0c281f969fb886818e7a548
SSDEEP

1536:n6sS2aqsXZl9wv7mlmCs1Yqc1zI5ULznmmpQkD+NzvRQ2ooIuWx4Hgx5:n6X2ZMl9+ClLEazI5U/nxbazvtohu9g5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
64fc32c63a22891635c6deac99ce10f4_JaffaCakes118

Files

64fc32c63a22891635c6deac99ce10f4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6fde8f338239fa8536deefe04e2ae525

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

UpdateWindow
TranslateMessage
ShowWindow
SetMenu
SendMessageA
RegisterClassExA
PostQuitMessage
LoadMenuA
LoadIconA
LoadCursorA
GetSystemMetrics
GetMessageA
DispatchMessageA
DefWindowProcA
CreateWindowExA
wsprintfA

kernel32

FindResourceA
lstrcpyA
lstrcatA
WriteFile
SizeofResource
SetFileAttributesA
RtlMoveMemory
LockResource
LoadResource
LoadLibraryA
GlobalFree
GlobalAlloc
GetWindowsDirectoryA
GetTempPathA
GetSystemDirectoryA
GetProcAddress
GetModuleHandleA
CloseHandle
CreateFileA
ExitProcess
FreeResource
GetCommandLineA

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 1020B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ