6f4850f99cd9015107d56223a38a3735_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6f4850f99cd9015107d56223a38a3735_JaffaCakes118
Size

319KB
MD5

6f4850f99cd9015107d56223a38a3735
SHA1

a5453ba7a1bca7c3602962cdded78f5c3c9f9f9e
SHA256

d84f5138806a4ff22d0d5ba98a6f418961abd8b8eb4d2fd20896f0fb85a2cfc3
SHA512

b4ed4d23131b959909c97349b7621efc47395e14d6da853ab31fc1a49333dc949d810460cb538f830e8f7bcbf2512437507b7d4318419d7bef8df559ce96fc3a
SSDEEP

6144:PLr7K/z6BPEBrkD5CEiDUiTBRpT5XT3Wc:NB8JksUiTBRjDmc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6f4850f99cd9015107d56223a38a3735_JaffaCakes118

Files

6f4850f99cd9015107d56223a38a3735_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4338ce65064fa07f0469a9e6b2a33f91

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetTimer
SendMessageA
PostQuitMessage
MessageBoxA
KillTimer
GetKeyboardLayout
GetDoubleClickTime
GetDlgItem
EndDialog
DialogBoxIndirectParamA

kernel32

lstrlenA
lstrcpyA
lstrcatA
WriteFile
Sleep
SizeofResource
MultiByteToWideChar
LockResource
LoadResource
CloseHandle
CreateFileA
ExitProcess
FindResourceA
FreeResource
GetModuleHandleA
GetProcAddress
GlobalAlloc
GlobalFree
LoadLibraryA

comctl32

InitCommonControls

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 300KB - Virtual size: 299KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE