719270840d32afbe3b32312d79bcf6ef_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

719270840d32afbe3b32312d79bcf6ef_JaffaCakes118
Size

56KB
MD5

719270840d32afbe3b32312d79bcf6ef
SHA1

3634ee1919b85170d6c5dbcfc54fbf494c934e70
SHA256

789e94e509ec6fa3cdc7879a088d406dca0b763d12b04dbf0e7e6a15a8d9769d
SHA512

a17ed3437b1c8e04347fdd0480a352067803c95ba402b6b43843b0aa97307726ec3837b0704a07940672d3894dad407a7816413632f3719964e8e04a26c85951
SSDEEP

768:xOueOGZ2HBU+60MlInZ3ReqlK48C22SC/5t/3KR2nos0su7WSVScN86ABF5s4J7n:x6bZ8asePG5I2oc0zcnxx/Zx8m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
719270840d32afbe3b32312d79bcf6ef_JaffaCakes118

Files

719270840d32afbe3b32312d79bcf6ef_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fb4ff176762048473b63c4ae8b4fa035

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
ExitProcess
GetACP
GetCommandLineA
GetEnvironmentStringsA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetStringTypeW
HeapAlloc
HeapCreate
HeapReAlloc
IsValidCodePage
IsValidLocale
MultiByteToWideChar
RtlUnwind
SetLastError
SetThreadAffinityMask
SetUnhandledExceptionFilter
TerminateThread
VirtualQueryEx
WideCharToMultiByte

user32

GetUpdateRgn
OffsetRect
GetDlgCtrlID
SetWindowPlacement
DefDlgProcA
DrawFrameControl
DispatchMessageA
DestroyWindow
RedrawWindow

ole32

CoBuildVersion
CreateAntiMoniker
CoFileTimeNow
CoCreateInstance

winmm

joyConfigChanged
joyGetPosEx
timeGetTime
waveOutGetNumDevs
joy32Message

Sections

.text
Size: 41KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ