65d1076772e93f6008f00e35190c987c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

65d1076772e93f6008f00e35190c987c_JaffaCakes118
Size

813KB
MD5

65d1076772e93f6008f00e35190c987c
SHA1

d2b3d8ca0f4c9156b3c5289230cbdfe02211d526
SHA256

09968d36cfd6b4cefc17701c8bc9aab4c0a928ac1972b64b15923d4bff3ff12d
SHA512

3856f2aeea688d3534eda47981b1b12c79adc1077e657d8bd2989caa9e2c96c9a6cba3611b32334bcee5c712678972708baa4c9ee3587d5cc3050e1574d060b6
SSDEEP

24576:8FIx2w6i9PGoQ+5rNLQJsr0LLZ8yw9tDm:8FII3cPGC5rmJsr0SyWm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
65d1076772e93f6008f00e35190c987c_JaffaCakes118

Files

65d1076772e93f6008f00e35190c987c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

97c9813ba48308a92dd81808bfeffa00

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExA
GetCalendarInfoA
FindAtomA
GetConsoleCP
GetConsoleAliasA
LocalLock
LocalUnlock
GetLastError
CreateFileMappingA
GetModuleHandleA
GetACP
IsDebuggerPresent
CreateFileA
LocalFree
WaitForSingleObject
FindClose
FreeEnvironmentStringsA
CloseHandle
HeapCreate
TlsGetValue

user32

DispatchMessageA
SetFocus
GetDlgItem
GetDC
CreateDialogParamA
CascadeWindows
PostMessageA
IsWindow
CallWindowProcA
GetMessageA
DefWindowProcA
ScrollWindow
GetIconInfo
DrawIconEx

msasn1

ASN1BEREncFlush
ASN1BEREncLength
ASN1BERDecEoid
ASN1BERDecCheck
ASN1BERDecBool

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ