6fef4b3ec5eaf0085d8b3a74fb513310_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6fef4b3ec5eaf0085d8b3a74fb513310_JaffaCakes118
Size

51KB
MD5

6fef4b3ec5eaf0085d8b3a74fb513310
SHA1

d4ec4ac613d900486a19d57a44a56297696c7238
SHA256

32d7aaddd7e3cedf2d7478fdd55a0eaef46607f4da1c17e9ccc26e35f2ac185c
SHA512

f366da5f07ff3cca77b37391e5c46c65bced1fdbc10758dc6a5328140a086a4e8cdb9d012ed3a812ca37d9d0f346a9d926307147d5392880f4df320b70e3b8ec
SSDEEP

768:g99dWXlVqca6CmHCrTdkOU4BsM08R8iVwke4uUu0nwctuodAU9Pi98wKTtK:cQMa6k2BsM0W8iuUu0nwPEiu3TtK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6fef4b3ec5eaf0085d8b3a74fb513310_JaffaCakes118

Files

6fef4b3ec5eaf0085d8b3a74fb513310_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5a7bc5309c736cf72b4ce25774d4b3bd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
ExitProcess
FindFirstFileA
GetACP
GetCommandLineA
GetConsoleCP
GetCurrentProcess
GetEnvironmentVariableA
GetLocaleInfoA
GetModuleHandleA
GetOEMCP
GetProcessHeap
GetStartupInfoA
GetSystemDirectoryA
HeapAlloc
HeapCreate
HeapReAlloc
MultiByteToWideChar
OpenProcess
QueryPerformanceCounter
ResetEvent
RtlUnwind
SearchPathA
SetEvent
SetLastError
SetUnhandledExceptionFilter
TerminateProcess
TlsSetValue

user32

IntersectRect
LoadStringA
SendMessageTimeoutA
GetKeyState
EndDialog
DrawFrameControl

comdlg32

ReplaceTextA

Exports

Exports

GetNextReadyBuffer
ReleaseUpdateListRef

Sections

.text
Size: 37KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ