7038ab164e357edf9197f1eed7767934_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7038ab164e357edf9197f1eed7767934_JaffaCakes118
Size

205KB
MD5

7038ab164e357edf9197f1eed7767934
SHA1

6227d9757dfdd4895da4db8b81892b5e883eb3e8
SHA256

34e214b29e7bcc88afa7b8774abbc479590c491ddbccdbb233fc123ec9d67858
SHA512

e89b4664e39884420a9bbddafd39be705225ddf18d9ef010ba2c12803c0cafb675ab16bc20957de4b3b26243e42fd585a9e8a8685b0bc6f100c159b4725c93ab
SSDEEP

3072:C5mZTB3oD4I8qEaJpzM6W7p+7zbJQ229Q64NqOIzR5oRnvefpDEjo:CATRoDXhyEf1EVQhIzQv0Ejo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7038ab164e357edf9197f1eed7767934_JaffaCakes118

Files

7038ab164e357edf9197f1eed7767934_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3c368a0379b1923489987ed7bc5ea77c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetMessageA
UpdateWindow
ShowWindow
CreateWindowExA
TranslateMessage
GetDlgCtrlID
CheckDlgButton
GetWindowLongA
EnableWindow
BeginPaint
SetWindowTextA
WindowFromDC
GetClipboardViewer
EndPaint
LoadIconA
LoadCursorA
RegisterClassExA
DispatchMessageA

gdi32

CreatePatternBrush
GetStockObject
CreateEllipticRgn
DeleteObject
CreatePen
SetMapMode

ole32

CoCopyProxy
CoGetCurrentProcess
OleGetClipboard
OleIsRunning

oleaut32

VectorFromBstr

kernel32

GetDriveTypeA
LeaveCriticalSection
DeleteCriticalSection
GetACP
HeapFree
GetStartupInfoA
InterlockedExchange
SetFileAttributesA
HeapCreate
HeapAlloc
GetEnvironmentStrings
EnterCriticalSection
InitializeCriticalSection
HeapDestroy
GetLastError
GetModuleHandleA

Sections

.text
Size: 196KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ