6224f18f63f6494c96d7dde1db9997fc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6224f18f63f6494c96d7dde1db9997fc_JaffaCakes118
Size

186KB
MD5

6224f18f63f6494c96d7dde1db9997fc
SHA1

b4f04d502b7a995274c8dbbaaea650736d626301
SHA256

b726992d7ab27a10a0a8ad9c7b1442be748233bd6833bcfa0bf67c7bddc5629f
SHA512

411e72ea792cd982650cf16eef0d5d3618a74ef0362d9997b6f5aac53a6327151558aee613ffc53a3f10e43406e04445f27d0f07f647031d67de4f300e18acf4
SSDEEP

3072:gz/82un8sNKXdpYeV3EQ5ibn/AYbJV0TiYAtbsCYS9yTmDPT1hH0Wy:fetpL9EQ5ixJZtQCP9VDPZi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6224f18f63f6494c96d7dde1db9997fc_JaffaCakes118

Files

6224f18f63f6494c96d7dde1db9997fc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e991f6ddeb6a8ef1ef46cb84b93f3fe5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetWindowLongA
ShowWindow
UnregisterClassA
IsDialogMessageA
IsWindow
ReleaseDC
EnableWindow
SetDlgItemTextA
GetDlgItem
IsDlgButtonChecked
CreateDialogParamA
DestroyWindow
GetDlgItemTextA
GetDialogBaseUnits
WinHelpA
CheckDlgButton
GetDC
MoveWindow
SendMessageA
CharNextA

shlwapi

PathFindExtensionA

kernel32

ExitProcess
IsBadWritePtr
FlushInstructionCache
GetSystemInfo
SetUnhandledExceptionFilter
HeapCreate
HeapReAlloc
HeapDestroy
GetCommandLineA
ExitProcess
VirtualFree
TerminateProcess
RtlUnwind
SetLocaleInfoW
VirtualQuery
TlsAlloc
VirtualAlloc
SetLastError
GetProcAddress
VirtualProtect

ole32

StringFromGUID2
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc

rpcrt4

I_RpcFreeBuffer
UuidCreate

Sections

.text
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ