6abc48cfbb514fb8d33ed1e8d02148bb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6abc48cfbb514fb8d33ed1e8d02148bb_JaffaCakes118
Size

113KB
MD5

6abc48cfbb514fb8d33ed1e8d02148bb
SHA1

2de9717ca2ce56b98d307bd039922c8d4e7bf47c
SHA256

a9772294f12fa78c9a7fe9ffcc7a37d997ae540ab6b064f11755a5423cc86463
SHA512

24fc15e91a12ff9971f7494edcf6d9e3ebfd30c9620dc4bdd6aee5481a506c3cf9b50966019da24bc3a83153c585a859f6170e3331bb0dff6829a4799829d2a1
SSDEEP

1536:m/0f4p8iVdqDkhSchSWiSDWP/OsWQH6CazASXhXSWLlWT3PmcsYN/Xzg0CsNdyu4:RLiVdubWibOQNi3MWL4FksNYFfPt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6abc48cfbb514fb8d33ed1e8d02148bb_JaffaCakes118

Files

6abc48cfbb514fb8d33ed1e8d02148bb_JaffaCakes118
.exe windows:5 windows x86 arch:x86

00eb2599800144096cb46af9c2e35f0b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrStrIW
StrCpyW
StrCatW

kernel32

GetModuleHandleW
WideCharToMultiByte
GetProcAddress
LoadLibraryW
CloseHandle
GetCommandLineW
GetTickCount
Sleep
CopyFileW
lstrlenW
CreateProcessW
GetEnvironmentVariableW

user32

EndPaint
BeginPaint
EndDialog
GetDlgItemInt
DialogBoxParamW
SetWindowsHookExW
SetForegroundWindow
UpdateWindow
ShowWindow
CreateWindowExW
RegisterClassExW
GetAsyncKeyState
CallNextHookEx
GetSystemMetrics
GetWindowLongW
SetWindowLongW
SetWindowPos
SetLayeredWindowAttributes
MessageBoxW
DefWindowProcW

gdi32

SetTextColor
SetBkColor
Rectangle
CreateSolidBrush
CreatePen
SelectObject
CreateFontA
TextOutW

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ