6f4e9f2f33033c1000175ed16c7aa45d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6f4e9f2f33033c1000175ed16c7aa45d_JaffaCakes118
Size

338KB
MD5

6f4e9f2f33033c1000175ed16c7aa45d
SHA1

8ea98d701f946da69823b8c5616030d4fa06bd9a
SHA256

880c3be37c61fd79ccb7d8801c2b4d615197ecfbe63a225b87203a2bf51f3252
SHA512

f547f8e4f1329039c3c5674ed96f680d2eb739e36717e5fe79beb0bc945a560b01b6da2d51c76ebfca8a3bff12e66e0dd7d496e79241770ede5de7d6a4c33b15
SSDEEP

6144:CH1sf4yfVA7at+8OFSaTqI2NmQ4Q4Lk8/FLY5atRlRwonbvrjxWlg+f4eNmOOfp2:yA4Hut+8OF/q3wi4Lk/atRoonbv5Wl1Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6f4e9f2f33033c1000175ed16c7aa45d_JaffaCakes118

Files

6f4e9f2f33033c1000175ed16c7aa45d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

955715934de0a60fc3c9d2e5402c981c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateIoCompletionPort
GetACP
VirtualProtect
GetCommandLineA
LoadLibraryExA
ResumeThread
GetCurrentProcessId
PeekConsoleInputA
GetOEMCP
HeapCreate
WaitForSingleObject
GetProcessHeap
InterlockedExchange
GetTimeFormatA
HeapDestroy
IsDebuggerPresent
GetSystemDefaultLCID
GetStdHandle
GlobalMemoryStatus
GetModuleHandleA
GetTapeStatus

user32

GetClassNameA
GetWindowTextLengthA
BeginPaint
GetParent
SetForegroundWindow
GetFocus
ShowWindow
SetActiveWindow
ReleaseDC
FrameRect
DragDetect
GetWindow
GetDlgItem
GetCursorPos
DrawTextA
FillRect
wsprintfA
EndPaint
GetTitleBarInfo

gdi32

GetLayout
CloseFigure
CreateBitmap
GetClipBox
CreatePalette

secur32

DecryptMessage

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 780KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ