650d389f6247c42dd14e19ffcc1983e4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

650d389f6247c42dd14e19ffcc1983e4_JaffaCakes118
Size

1.2MB
MD5

650d389f6247c42dd14e19ffcc1983e4
SHA1

1817b58020a80371b83b65809a10c4dcf6e823d2
SHA256

a2048538e45fa45170a1744c25ad57dd1f9f3e9db6a95e181499a05221f3cd6c
SHA512

596437f2b397eae50177069c4874571e2d96dfe569a6d05f16a2d5e0afb464e6bb649b3bd44edeb0793c898b2e3ed67378488208e930b61f995e8c377f888570
SSDEEP

24576:wdG6Y+CH7rU/xSz9o45af5ocweYItlrU/xS:w3Y+gXG4aRokYw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
650d389f6247c42dd14e19ffcc1983e4_JaffaCakes118

Files

650d389f6247c42dd14e19ffcc1983e4_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ebef973115dda30cf700d6afa2cd97a6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
OpenEventA
OpenFileMappingA
VirtualFree
InitializeCriticalSection
GetLastError

user32

LoadBitmapA
DlgDirListComboBoxW
SendNotifyMessageA
ChildWindowFromPointEx

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 268KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 988KB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ