7171d2bec07b2304a311270f768b15f5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7171d2bec07b2304a311270f768b15f5_JaffaCakes118
Size

40KB
MD5

7171d2bec07b2304a311270f768b15f5
SHA1

06601f3c2c7d9a8ea6ef9ca40c08b0249aa202ce
SHA256

d08be96fc963e2ae46c23a347134fe840791bb8b6f31743d3fe8f4dbd39aaddf
SHA512

e5cd92c777ba76cab14a3d06b0106563d6bdabb987ac81379f89f32fb2a0019e482eb92e0feb1b97c97c2cef821e2c61937a2ab05f1b34e4c30d969b2f71e5f4
SSDEEP

768:a2uQDfqa83kfV2iY1XxtKaKWXwY8kK8dofILDFTS5bnrKUI5yddZ/u4:5qa80fViXxcaNXYJ8d/VTS5KUI0ddp/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7171d2bec07b2304a311270f768b15f5_JaffaCakes118

Files

7171d2bec07b2304a311270f768b15f5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d3ad0e646cc1399fe5b256dc339c1a95

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
HeapAlloc
GetProcessHeap
GetCurrentProcess
GetProcAddress
GetModuleHandleA
CreateThread
GetCurrentThread
InterlockedIncrement
GetTickCount
InterlockedDecrement
QueryPerformanceCounter
InterlockedExchange
GetCurrentThreadId
InterlockedExchangeAdd
ExitProcess

user32

TranslateMessage
GetMessageA
CreateWindowExA
RegisterClassExA
DispatchMessageA
DestroyWindow
DefWindowProcA
FindWindowA
FindWindowExA
GetCursor
GetActiveWindow
GetDlgItem
GetCapture

gdi32

TextOutA
SetGraphicsMode
GetBkColor
CreateSolidBrush
SetBitmapBits
ResizePalette
GetObjectType
UpdateColors

Exports

Exports

?Aje20A@@YAHHPADHHH@Z
?Aje22C@@YAHHPADHHH@Z
?Aje25F@@YAHHPADHHH@Z
?Aje26G@@YAHHPADHHH@Z
?Aje29J@@YAHHPADHHH@Z

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ