71c1a4acc679419dd0af4f3981589355_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

71c1a4acc679419dd0af4f3981589355_JaffaCakes118
Size

333KB
MD5

71c1a4acc679419dd0af4f3981589355
SHA1

3748c9dd1b4de2ada18843ff2b37b1e07a1db6d8
SHA256

ca4079939098d0e40f0f0bc599b647ca9849c9098a99afa6349c45440853b1a2
SHA512

c3b93d6a56619658b4a22c6cc302d85ea0c15443669d39837bda7cb9f7c3c3af26b9f38b3a4b7c15893caf62fd078a2f413dfff599b44b4ad3c547433fbbcdbc
SSDEEP

6144:mzymlMC96Qu/tHp6ZIVF01GXpNXPLIiu9nTR4:mOmD9y/81GpNfLaT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71c1a4acc679419dd0af4f3981589355_JaffaCakes118

Files

71c1a4acc679419dd0af4f3981589355_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cd12c77105838c5bd6d9b6ac1c8521b6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFlags
GetVolumePathNameA
GetUserDefaultLangID
EnterCriticalSection
CloseHandle
FormatMessageA
GetOEMCP
CreateJobSet
GetTapeStatus
CreateHardLinkA
VirtualAlloc
GetModuleHandleA
FindAtomA
GetStdHandle
GetCommState
ClearCommBreak
ExitProcess
GlobalFree
GetProfileStringA
GetProcessHeap
GlobalLock

user32

GetWindowTextLengthA
GetActiveWindow
GetWindow
BeginPaint
GetParent
GetForegroundWindow
EndPaint
GetDC
GetWindowTextA
GetClassNameA
ValidateRect
IsIconic
ReleaseDC
RegisterClassA
CloseWindow
GetClassInfoExA
ShowWindow
DrawEdge
GetFocus

gdi32

CreateDCA
GetColorSpace
GetCharWidthA
CreateDIBitmap
CombineRgn

lpk

LpkInitialize

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ