Static task: static1
Behavioral task: behavioral1
  Sample: 72f70e257a8a692814433addb9e048a5_JaffaCakes118.exe
  Resource: win7-20240708-en
Behavioral task: behavioral2
  Sample: 72f70e257a8a692814433addb9e048a5_JaffaCakes118.exe
  Resource: win10v2004-20240709-en
General
  Target: 72f70e257a8a692814433addb9e048a5_JaffaCakes118
  Size: 361KB
  MD5: 72f70e257a8a692814433addb9e048a5
  SHA1: aa158de32f74e7b3e7d22ab8c833a12f3a7825fb
  SHA256: 31dd8d576d2f7f3619ff11722688c7a2b3d1af9ea7d76482b597510b191f7b80
  SHA512: 950618e39c136755aaabf0515a6102255ae5f248e6b1ebbc6e37b9f76d332b86c36061938960c4dcad771f6939bd7e1bbdb577f10f98bd2fd6a4c02dbaa905ad
  SSDEEP: 6144:1/iBChXJjs9bb660oq9GX0qnO7b3J+cWckh:VxXg/6IrX0qnO7b3J+Dca
Malware Config
Signatures
Unsigned PE (1 IoC)
  Checks for missing Authenticode signature.
  Resource: 72f70e257a8a692814433addb9e048a5_JaffaCakes118
Files
72f70e257a8a692814433addb9e048a5_JaffaCakes118.exe windows:4 windows x86 arch:x86
96bf44215b2869d72c44e86a22d80954
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
  comctl32
    InitCommonControls
  user32
    GetMessagePos
    GetDesktopWindow
    CharNextA
    GetInputState
  kernel32
    GetThreadLocale
    GetCurrentThread
    GetConsoleOutputCP
    VirtualAlloc
    lstrcmpiW
    RemoveDirectoryA
    GetModuleHandleA
    SetCurrentDirectoryA
    GetCurrentProcess
    GetTickCount
    lstrcmpA
    DeleteFileW
    GetDriveTypeA
    CopyFileA
    GetModuleHandleW
    GetVersion
  gdi32
    GetDIBColorTable
    SetBkColor
    SetColorSpace
    SetBrushOrgEx
    GetTextMetricsA
    LineTo
    SetWindowExtEx
    SelectPalette
    RestoreDC
    SetBkMode
    GetPaletteEntries
    EndDoc
    EndPath
    SetTextColor
    SetMapMode
    GetDCOrgEx
    BeginPath
Sections
  .text (Size: 3KB, Virtual size: 2KB)
    IMAGE_SCN_CNT_CODE
    IMAGE_SCN_MEM_EXECUTE
    IMAGE_SCN_MEM_READ
  .rdata (Size: 1KB, Virtual size: 1KB)
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
  .data (Size: 176KB, Virtual size: 176KB)
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE
  .rsrc (Size: 79KB, Virtual size: 78KB)
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ