72645282dc265a5e5cb82f2f784d9306_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

72645282dc265a5e5cb82f2f784d9306_JaffaCakes118
Size

283KB
MD5

72645282dc265a5e5cb82f2f784d9306
SHA1

ffc4a02ddf1cc800746188051ad13f205573628b
SHA256

c4a1b3e38e5952263b57f0a69a826576980748579aeab74d3913082ba4b3eb69
SHA512

6d018ff2063e6ece003349fa70f8dcce71315ee324c6be4c8dd675d6600d84de3021a04e89850fdef25216fcb1bb387447c700d2c371833ba2e7b83834ac869a
SSDEEP

6144:HeX04L/WVY8AViw8ha1t7xZw7P74c9Mxc4sccx/Wu:748AVis15U7z9MW4sbx/Wu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
72645282dc265a5e5cb82f2f784d9306_JaffaCakes118

Files

72645282dc265a5e5cb82f2f784d9306_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c4435256826ead76902c1aa16381faff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetUserDefaultLangID
GlobalLock
CreateJobSet
CloseHandle
GetModuleHandleA
ExitProcess
CreateMailslotA
GetTapeStatus
GlobalFree
GetOEMCP
EnterCriticalSection
GetStdHandle
GetProfileStringA
FindAtomA
GlobalFlags
GetProfileIntA
EnumDateFormatsA
LocalHandle
GetVolumePathNameA
GetProcessHeap
VirtualAlloc

user32

GetParent
ValidateRect
EndPaint
GetClassInfoExA
GetWindow
IsIconic
ReleaseDC
ShowWindow
GetFocus
DrawEdge
GetWindowTextA
BeginPaint
RegisterClassA
GetDC
GetWindowTextLengthA
GetClassNameA
GetForegroundWindow
CloseWindow
GetActiveWindow

gdi32

GetColorSpace
ExtCreatePen
CreateDIBitmap
GetCharWidthA
CreateDCA

sxs

SxsLookupClrGuid

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ