64d0a8b3cd10a53d7542d0f31a58ff0d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

64d0a8b3cd10a53d7542d0f31a58ff0d_JaffaCakes118
Size

813KB
MD5

64d0a8b3cd10a53d7542d0f31a58ff0d
SHA1

c7d0afd7b88c514aa85231a54b3ab930ee1d5961
SHA256

a6bf9c8fc939daea648467f3d58cf118f421c9f6676bc377648174c1236d74b3
SHA512

304cc7d9de9165bc3a1de47cfe0b04a2ac2d699806c80e46a62a7389b4d3986079c5f8112a6f3a49378e2aa2bcf1a033fa96ad641f509c5ed1bcabb5de1e56cd
SSDEEP

24576:nXHsd1aC9W7URxf2d/9mE00nFdoUpYXcq1VpGwB:XMdMCUf/YinF5Gcq1V3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
64d0a8b3cd10a53d7542d0f31a58ff0d_JaffaCakes118

Files

64d0a8b3cd10a53d7542d0f31a58ff0d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

967c4dcf1e4018ee6416ea6061fe1419

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsDebuggerPresent
FreeEnvironmentStringsA
HeapCreate
LocalUnlock
GetModuleHandleA
TlsGetValue
IsBadReadPtr
LocalLock
GetConsoleCP
LocalFree
CloseHandle
GetLastError
GetStdHandle
CreateFileA
FindClose
GetFullPathNameA
LoadLibraryExA
CreateEventA
CreateFileMappingA
GetACP

user32

GetDlgItem
GetDC
GetIconInfo
DispatchMessageA
GetMessageA
EndDialog
PostMessageA
CreateDialogParamA
EmptyClipboard
DefWindowProcA
SetFocus
IsWindow
ScrollWindow
DrawIconEx

msasn1

ASN1BERDecCheck
ASN1BEREncFlush
ASN1BERDecEoid
ASN1BERDecBool
ASN1BEREncLength

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ