689dbf0fcde6ec06aa5ec041acd0874c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

689dbf0fcde6ec06aa5ec041acd0874c_JaffaCakes118
Size

787KB
MD5

689dbf0fcde6ec06aa5ec041acd0874c
SHA1

5156cbfed7b1b3b6eb2a19f977847ed57fd0b7f3
SHA256

ed4e3ccaa6277610f46bb394a37d16254a35233682d71440eefd04faf1add1c7
SHA512

e9d3f2b6e354f3ef2ada20979aac5eaaa202ba9e1babcbe66aad475a4a80d19fc78673d5e8b3f7cdacc87e5c03ca3c58fc07d2485eb56ac349b31b3de8fb06de
SSDEEP

12288:ofAGKTWaZXOGx1tFb6SX9y0k5Qkol6Qc2l4A1LM/reo8Cgy:3GKTxV9cSU0k5ol652SHS3y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
689dbf0fcde6ec06aa5ec041acd0874c_JaffaCakes118

Files

689dbf0fcde6ec06aa5ec041acd0874c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c0e34a3d8e7ae79f8e389b8633dac4a5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsGetValue
lstrlen
TerminateThread
CreateFileA
IsBadStringPtrW
SetLastError
LoadLibraryW
CloseHandle
GetEnvironmentVariableA
ReleaseMutex
LocalFree
FindResourceA
GlobalUnlock
PulseEvent
GetModuleHandleA
FindClose
CreateMutexA
GetACP
HeapCreate
Sleep

user32

CallWindowProcA
IsWindow
GetDlgItem
DrawMenuBar
DefWindowProcW
CheckRadioButton
DrawEdge
GetIconInfo
CopyRect
FillRect
SetFocus
GetDC
DispatchMessageA

msasn1

ASN1BERDecCheck
ASN1BEREncBool
ASN1BEREncEoid
ASN1BERDecNull
ASN1BERDecBool

dpnet

DirectPlay8Create

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 778KB - Virtual size: 778KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ