69cb36fa2cb6b1042716a9e5d8d80b73_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

69cb36fa2cb6b1042716a9e5d8d80b73_JaffaCakes118
Size

172KB
MD5

69cb36fa2cb6b1042716a9e5d8d80b73
SHA1

20f9cd5e2030853d518d20e03765adb117b39c30
SHA256

79b3a2e9f6ae183419cd03215760ffe4f12b9107955a732ef888114c96a42ab4
SHA512

2c08c58208040cfe470170550bda7c286a6686b5d80823c9924ab56e9e428186b08a80ddde69a0bf0d7d2b692403ca88429e4f13208969b451331f3e14861ddd
SSDEEP

3072:N+zZNRq9EzKYA84FXG9wgSgK+GaL8lhNJ8kGDjz7LtD2iM2C7OoZ5xSGtaFVj7S:QzPnOYALSgaQ7b8Fzvto2CaGiGtOju

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69cb36fa2cb6b1042716a9e5d8d80b73_JaffaCakes118

Files

69cb36fa2cb6b1042716a9e5d8d80b73_JaffaCakes118
.exe windows:5 windows x86 arch:x86

46e4f541eef086152aaef8bb2aeb2e78

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

O:\cQAlXMIarzo\tFfRXfkaFgkvUy\pneQhju\yOzdZOyvihf\vRoqjNeARl.pdb

Imports

shlwapi

ord158

gdi32

SetWindowExtEx
GetLayout
RealizePalette
SetStretchBltMode
GetTextCharsetInfo
Ellipse

user32

IsWindowUnicode
wsprintfA
PostMessageA
IsWindowEnabled
SystemParametersInfoW
GetMonitorInfoW
GetScrollRange

kernel32

GetThreadTimes
HeapLock
GetModuleFileNameA
SystemTimeToFileTime
SearchPathA
GetModuleHandleA
LoadLibraryW

msvcrt

_controlfp
__set_app_type
__p__fmode
vswprintf
__p__commode
_amsg_exit
_initterm
_ismbblead
_XcptFilter
_exit
bsearch
_cexit
__setusermatherr
__getmainargs

Exports

Exports

?CreateDlgMessage@@YGHPAXPADK|U

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 146KB - Virtual size: 337KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE