Static task: static1
Behavioral task: behavioral1
Sample: 70949b44c130d6daa69d7de472382331_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 70949b44c130d6daa69d7de472382331_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 70949b44c130d6daa69d7de472382331_JaffaCakes118
Size: 1.4MB
MD5: 70949b44c130d6daa69d7de472382331
SHA1: 16dc4b91c0cd9804546863196744722ae633ff8a
SHA256: c74d670a3f7c30cf433ce3f00165fd5099020010143ea3b7c624cb80bf77301e
SHA512: 7073a75d05ada20c2595e15980e662dbba0a7e471e6ce4f61d91d375cfeee41e11a02f789f321837496176ab8d624bdc5a44697964da9351ed18a9cbcb0ee394
SSDEEP: 12288:Us0XT6zbx2omACjv7q3tSPLNPOL5h8mr8yguSeL6gl3GD9T5QoCVTZY:ATMMACje3OYUmrVggI5VQRt
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 70949b44c130d6daa69d7de472382331_JaffaCakes118
Files
70949b44c130d6daa69d7de472382331_JaffaCakes118.exe windows:4 windows x86 arch:x86
c79587514b95e28ab8c75030e10320d8
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
ActivateKeyboardLayout
DefWindowProcW
DestroyIcon
EndMenu
CheckRadioButton
CreateWindowExW
ToAsciiEx
SetWindowLongW
SetTimer
GetKeyNameTextW
GetMessageW
GetMessageTime
GetPropW
GetScrollRange
UnhookWinEvent
VkKeyScanExW
DlgDirListW
DrawEdge
DrawIconEx
CascadeWindows
kernel32
ExitProcess
VirtualProtect
InitAtomTable
IsBadCodePtr
IsValidLocale
ReadFile
SetConsoleCP
GetModuleHandleW
Sections
.text Size: 448KB - Virtual size: 570KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 278KB - Virtual size: 278KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 403KB - Virtual size: 615KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 312KB - Virtual size: 316KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ