648f0174cd9bc55da638e4a23dbd4d4a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

648f0174cd9bc55da638e4a23dbd4d4a_JaffaCakes118
Size

64KB
MD5

648f0174cd9bc55da638e4a23dbd4d4a
SHA1

4f110d5cdc370944b16b4a16ef7a9753c090b189
SHA256

bf6701243464cb0693f5520b61b81d162b6b1faccddd89b2579295666d5daaed
SHA512

587085bf3f8ac51c2ae29353285c0e2e2ed297314141a1a3c6898d418a9ec461f7f0d0f2a92f8c2fe61083ec6e2e3f5f01992409c17a920143aa24c7ff1dc5cd
SSDEEP

768:6Ho5qN5HiW+rORiJFF4CHzAVff8AwXlnjxF52S9fPGWHOX0:6q/rF7CCH0mTXlljPGWH2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
648f0174cd9bc55da638e4a23dbd4d4a_JaffaCakes118

Files

648f0174cd9bc55da638e4a23dbd4d4a_JaffaCakes118
.exe windows:1 windows x86 arch:x86

7fa92ce473073a04b5d4f8afed8bc27f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyA
RegCloseKey

comdlg32

GetSaveFileNameA
ChooseColorA
GetOpenFileNameA

ole32

CoInitialize
CoUninitialize

msvcrt

_adjust_fdiv
__p__fmode
exit
memcpy
__set_app_type
_XcptFilter
_except_handler3
_acmdln
__getmainargs
__p__commode
__setusermatherr
_exit
_initterm
_controlfp
fclose

user32

SetFocus

kernel32

HeapAlloc
GetStartupInfoA
GetModuleHandleA
HeapCreate
UnmapViewOfFile

comctl32

ImageList_Destroy
PropertySheetA
ImageList_Create
CreateToolbarEx

gdi32

SetBkColor

shell32

SHGetMalloc
SHGetPathFromIDListA

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ