66a0fa4a583c173d619a5c091695add3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

66a0fa4a583c173d619a5c091695add3_JaffaCakes118
Size

165KB
MD5

66a0fa4a583c173d619a5c091695add3
SHA1

4c0fe02b2399bb97606ea26f828643c99548c4be
SHA256

a299398cb03aba69eda75bb00283188dd36ea64efc4f8ce26cc9bf326014b613
SHA512

a4295e3087d0ef994132a231ae551a175dd31daf5286335bb7b36194e7e53a86cc6a18cdd134ba9da219fd3533b3f6ee81b2bace994a67378c5645730320af38
SSDEEP

3072:fL04i4A9nohHTi/CWhWOihmtW+jcKa/xl0j7DlHFZrhmdpwPu4aTj4Op8SRQAO:fPirnoxqCDOjWMcKaxaDlH3cdpGQX4ao

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
66a0fa4a583c173d619a5c091695add3_JaffaCakes118

Files

66a0fa4a583c173d619a5c091695add3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

aaebb9411c3a49f693ce1ecda366bc6c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpynA
GetModuleFileNameA
lstrcpyA
GetFileType
CreateFileA
GetStringTypeW
GetOEMCP
GetCurrentProcess
SetFilePointer
LCMapStringW
TerminateProcess
GetStringTypeA
GetCPInfo
GetStdHandle
LCMapStringA
lstrcpynW
MultiByteToWideChar
GetStartupInfoA
GetACP
GetVersion
WriteFile
GetCommandLineA

user32

LoadCursorA
GetCursor
InsertMenuA
CopyRect
DrawIconEx
CloseWindow
GetDlgItem
IsWindow
GetWindowTextA
GetMenu
DialogBoxParamA
GetFocus
IsMenu
GetDC
CopyImage
DrawIcon
LoadMenuA
GetWindowTextLengthA
EndDialog
DrawTextW
DialogBoxParamW
CopyIcon
CreateIcon

comctl32

InitCommonControls
ImageList_Create
ImageList_Destroy
DrawStatusText
CreateToolbar
CreateMappedBitmap
CreateStatusWindow
CreateUpDownControl
ImageList_AddIcon
MenuHelp

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 160KB - Virtual size: 18.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ