62d62d0cb54a49aa55b3ba61a6b829a3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

62d62d0cb54a49aa55b3ba61a6b829a3_JaffaCakes118
Size

38KB
MD5

62d62d0cb54a49aa55b3ba61a6b829a3
SHA1

dba14ba25f0be532abe71d29d7c6db67b403e547
SHA256

a54718077feda30224f6e5dda7237908e84ee52b52603d0b0fa9eff378c52d31
SHA512

d9937382be24feb1cb3f409c59632adbe0588eebf55ae07d184474302a8d0cada7ddb94d17e465238ad66e96a2ddd35144d59f3364200f5e7706ff8d9e40f74d
SSDEEP

768:XwCcN5zgRR6JbpSfXcSF/+SsKMhP0Ws3n/XmQUSAav9o24k2uxkuOfffffqvVMrs:8Mn6v4XTGSEK2Q3fQux1+s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
62d62d0cb54a49aa55b3ba61a6b829a3_JaffaCakes118

Files

62d62d0cb54a49aa55b3ba61a6b829a3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f7b456d8f47dca958c12aaa7294d2a4d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\kpmwtqlcivJx\rfmdqAL\wXsrzVpAgeFng\wlKwZvnAupQ.pdb

Imports

shlwapi

UrlGetLocationW
ChrCmpIW

kernel32

GetVersion
GetModuleFileNameA
lstrlenA
GlobalAddAtomW
GetHandleInformation
GetModuleFileNameW
LoadLibraryExW
TlsFree
lstrcmpW
LoadLibraryA
lstrcmpiW
GetComputerNameExA

user32

IsChild
GetWindowLongA
CreatePopupMenu
wsprintfW
InsertMenuW
GetDC
UpdateWindow
CreateDialogParamW
GetForegroundWindow
GetUpdateRgn
IsDlgButtonChecked
DispatchMessageW
GetDlgCtrlID
GetShellWindow
ReleaseDC
GetClassLongA

gdi32

SetAbortProc
GetROP2
IntersectClipRect
CreatePalette
Escape
EnumFontFamiliesW

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_amsg_exit
_initterm
_ismbblead
_XcptFilter
fgetc
memset
_exit
atoi
_cexit
__setusermatherr
__getmainargs

Exports

Exports

?CreateDlgMessage@@YGHPAXPADK|U

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idir
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE