6fa60245b62cae8536c84415ac88846b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6fa60245b62cae8536c84415ac88846b_JaffaCakes118
Size

53KB
MD5

6fa60245b62cae8536c84415ac88846b
SHA1

828466170f57f8bd3592584e8fb68556d290c7ee
SHA256

3baa6affe8a44e1e16c3f2c0022379f1e2a166059841ba6d4f5bc739db2828f3
SHA512

adf56bbd6a42e08cad2c7a190695c227c39d849894205174578ff83b26fad0533d1c3339648eb0f73417c585c995a1a0d639963edfcf63b5dacb2e97372349a8
SSDEEP

768:0Iz4Z0afGDGKjI1Quwy1gizx7rn6a7AKnGLitWOkPe+Er:0Iz4Z0a+DtjMkKBrn6a7LJI58r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6fa60245b62cae8536c84415ac88846b_JaffaCakes118

Files

6fa60245b62cae8536c84415ac88846b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2e8a176305b42a9f8ccd83870414d658

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
LoadResource
LockResource
ReadFile
RtlZeroMemory
GlobalAlloc
SizeofResource
WriteFile
lstrcpyA
lstrlenA
GetModuleHandleA
GetFileSize
GetCurrentDirectoryA
FindResourceA
FindNextFileA
CloseHandle
FindFirstFileA
FindClose
ExitThread
ExitProcess
CreateThread
CreateFileA
SetCurrentDirectoryA

user32

SendMessageA
SetCursor
MoveWindow
LoadIconA
WinHelpA
SetDlgItemTextA
SendDlgItemMessageA
LoadCursorA
LoadBitmapA
GetDlgItemTextA
GetDlgItem
EndDialog
DialogBoxParamA
GetSysColor

comctl32

InitCommonControlsEx
InitCommonControls

shell32

ShellExecuteA
SHGetPathFromIDListA
SHBrowseForFolderA

comdlg32

GetOpenFileNameA

ole32

CoTaskMemFree

gdi32

CreateCompatibleDC
CreateSolidBrush
DeleteDC
DeleteObject
ExtFloodFill
GetPixel
SelectObject

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ