763853116a20516f2978d01abab9d5b5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

763853116a20516f2978d01abab9d5b5_JaffaCakes118
Size

49KB
MD5

763853116a20516f2978d01abab9d5b5
SHA1

a409b0c8122dbb95065e31657297b6fd1e5e9e7d
SHA256

568b1072de9b5be34bea7219e5a4c97c4dcc9bfcc5363cdcfa0cbbda239dad5d
SHA512

53dcbc2c6b65076468d05a8527b9a60c9d0d658b499e9b20f4542b835d765fb38d905e325476e6c460fd9b434b620416bd9e3c45a455297c5362906cebc05c8a
SSDEEP

768:yJP839Uo++6SFoOMOzJFgprl61vyXUVNiP47topBnwpKvETYXEfDzkv:yx2v+ORzLgprDUVNiP47sBnwUETYe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
763853116a20516f2978d01abab9d5b5_JaffaCakes118

Files

763853116a20516f2978d01abab9d5b5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0d83ee5b7440815fda92a0dea0e1fb3e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
CreateMutexA
GetTickCount
CloseHandle
GetVersion
WriteFile
GetTempPathA
GetCommandLineA
GetSystemTime
lstrcpyA
CreateProcessA
lstrcatA
GetLastError
GetProcAddress
ExitProcess
VirtualAlloc
CreateFileA
GetTempFileNameA
lstrcmpA
GetLocalTime
lstrlenA
LoadLibraryA
OpenMutexA
lstrcpynA
FindAtomA
GetModuleFileNameA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
VirtualQuery
GetVersionExA
RtlUnwind
IsDebuggerPresent

user32

wsprintfA
SetDlgItemTextA
DialogBoxParamA
LoadIconA
SetWindowTextA
GetFocus
IsWindowVisible
EqualRect
SetClassLongA
ClientToScreen
EndDialog
GetDesktopWindow
GetCursorPos
GetWindowRect
GetCaretPos
InflateRect

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 288B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ