64b3a3488214438b6439285ded086a4e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

64b3a3488214438b6439285ded086a4e_JaffaCakes118
Size

49KB
MD5

64b3a3488214438b6439285ded086a4e
SHA1

5634fda985c5e3552f71688a6f2f7dbd770c393e
SHA256

474da0cf19fa73415eeed99a283ec63972f2eb0cce0dc9a861eba0ac461899df
SHA512

a25d0ded44384c80f30519fec07840fa84d4637c4774e0ea052b6c5872f4235f2057f2031f85e2c3842741bc7f6f69773e38774777c571b814956a11d819ed0f
SSDEEP

1536:K//JRho/M4mW5E+XLeNAGdJhVXQvcz/0NnC:K3TIHmSEYLo7M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
64b3a3488214438b6439285ded086a4e_JaffaCakes118

Files

64b3a3488214438b6439285ded086a4e_JaffaCakes118
.exe windows:3 windows x86 arch:x86

93dfff8e4fe6bc8ec0b4aa9bb894e45a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateEventA
FreeLibrary
GetCommandLineA
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcessHeap
HeapFree
InterlockedCompareExchange
InterlockedDecrement
InterlockedIncrement
LocalAlloc
QueryPerformanceCounter
UnhandledExceptionFilter

user32

DefWindowProcA
DestroyWindow
EndPaint
GetCapture
GetDesktopWindow
GetDlgItem
GetFocus
GetKeyboardType
GetSystemMetrics
GetWindowLongA
IsChild
IsIconic
IsWindow
SendMessageA
SetCursor
SetWindowTextA

Sections

CODE
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BSS
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 918B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ