65433ef9101be62fb1ec72703909d621_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

65433ef9101be62fb1ec72703909d621_JaffaCakes118
Size

56KB
MD5

65433ef9101be62fb1ec72703909d621
SHA1

d9d5fcb432aa89976a5b758704f2a549254c7a72
SHA256

3e3822994953d3817d8398b57f73d9d6337577e608376b4ea598f564bc78338b
SHA512

00d026047aad0b15db8b1bcb0996f0d9a5caa857d3aa2a7322074425c47ff589121286b26956c0fbee2a4260ad88011c576a05faeec66d556ccc03328d1b1f44
SSDEEP

1536:2T64uA8rFSeJoI3ER7gjhANzHFqc6LOv39q4PxMpzUZKddSFEYe:KuA8rFSa5ujsyf7O5yFEYe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
65433ef9101be62fb1ec72703909d621_JaffaCakes118

Files

65433ef9101be62fb1ec72703909d621_JaffaCakes118
.exe windows:4 windows x86 arch:x86

55ff3ec94147dc236daedbc510a9e1f0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileInformationByHandle
GetConsoleInputExeNameA
WaitForSingleObject
CloseConsoleHandle
CreateDirectoryA
LoadResource
IsValidCodePage
WriteTapemark
SetComputerNameW
GetCommandLineA
ExitProcess
GetStartupInfoA

user32

DdeCreateStringHandleW
OemToCharA
DragDetect
CopyImage
UnloadKeyboardLayout
ValidateRgn
TranslateMessageEx
CreateWindowStationW
GetClipboardFormatNameW
GetSystemMenu
DestroyCaret

gdi32

OffsetRgn
PolyPolygon
Pie
EngGradientFill
ResetDCW
GdiConsoleTextOut
PatBlt
ResetDCW
BRUSHOBJ_hGetColorTransform
OffsetWindowOrgEx
CreateSolidBrush
GdiSetLastError

Sections

.text
Size: 5KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE