62f92fe6e4b9f0ed1fe373646ea97fc3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

62f92fe6e4b9f0ed1fe373646ea97fc3_JaffaCakes118
Size

156KB
MD5

62f92fe6e4b9f0ed1fe373646ea97fc3
SHA1

9d2c5fb825130cf62b77f40f139b6919a7a780a7
SHA256

cef35d07be021e9b7aa35c38951a66f7606d744f61d1a584652aa71a9dc03bce
SHA512

194b17f363bcc0cb4857e186a28b038aa15536350e759b56b5eb076254c88f175e6835c93d0a63a1bd485d9965652e6d94eb70b4c4f3862b7bd1aff56f633e98
SSDEEP

3072:QHxP+YhvKjiTyfDkcHFTJ6GaGQnU+bdNBWdjYULdkd9Z7QJagetZxNZ5G/I:42YlYwcHJQf+hdq6/etZrrG/I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
62f92fe6e4b9f0ed1fe373646ea97fc3_JaffaCakes118

Files

62f92fe6e4b9f0ed1fe373646ea97fc3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

97089042b509c4fe02a04550816ee7ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleCP
InterlockedExchange
GetTickCount
WaitForSingleObject
CloseHandle
lstrlenA
GlobalUnlock
GetVersion
VirtualProtect
GetStdHandle
SuspendThread
HeapReAlloc
HeapCreate
GetSystemDefaultLangID
CompareFileTime
LoadLibraryExA
GetModuleHandleA
AddAtomA
GetCommandLineA
GetProfileIntA
WaitForMultipleObjects

user32

PaintDesktop
CreateCursor
ShowWindow
DispatchMessageA
SetPropA
SubtractRect
PostMessageA
DestroyMenu
CopyRect
GetWindowTextA
UpdateWindow
FindWindowA
MessageBoxA
EnableScrollBar
GetDlgItem
TranslateMessage
CreateCaret
GetMenuStringA
GetKeyState
GetKeyboardLayout
InsertMenuA
SetWindowPos
EqualRect
ModifyMenuA
DialogBoxParamA

atl

AtlUnadvise
AtlAdvise
AtlModuleInit
AtlSetErrorInfo
AtlGetVersion

dnsapi

DnsStatusString

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 776KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ