65d9c086da9f95ab7b7ac791f19725b0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

65d9c086da9f95ab7b7ac791f19725b0_JaffaCakes118
Size

43KB
MD5

65d9c086da9f95ab7b7ac791f19725b0
SHA1

c801dd70348e5434e4e25d7ca1de1c2364a7ad3a
SHA256

033d8c527d9292529785a4ec3012fe4ad90842ff37f268764c1b3f250706aa54
SHA512

563b1bd2551c3dd91433e6955d2dc833effec9a648c685b98174048372012d50e217843cf466ef7f5a882b07d7dd64e2ceca10a8c565f6d675ff25901345247d
SSDEEP

768:Ec2x5+uP7iEtzTMIVwOHGAhSWuNn5lHh4fDjGL+fgnT7VIrc1MvYTQ7:7GViEtzT7V7YZfh6jA9HVIrcu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
65d9c086da9f95ab7b7ac791f19725b0_JaffaCakes118

Files

65d9c086da9f95ab7b7ac791f19725b0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1ed9c53b2c8cf4aac1e67641375110b6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetClassNameA
FindWindowExA
CharUpperBuffA
GetWindowLongA
GetDC
GetForegroundWindow
GetClientRect
SendMessageA
MessageBoxA

kernel32

lstrlenA
CreateThread
GetCommandLineA
CreateFileA
GetVersionExA
VirtualProtect
lstrcpyA
ReadFile
VirtualAlloc
GetFileTime
GetModuleHandleA
Sleep
GetTickCount
DeleteFileA
lstrcmpiA
GetLocaleInfoA
TerminateThread
VirtualFree
SetEndOfFile
CreateProcessA
SetFilePointer
CloseHandle
WideCharToMultiByte
GetProcAddress
WriteFile
ExitProcess
LoadLibraryA
lstrlenW
lstrcmpA
GetLastError

gdi32

GetPixel
CreateCompatibleDC
SelectObject
DeleteDC
BitBlt
CreateDCA
DeleteObject
CreateDIBSection
GetDIBits
SetPixel

Sections

.text
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_INIT_
Size: 512B - Virtual size: 6B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE