73957ff3abb2a237481d6aea59deb92c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

73957ff3abb2a237481d6aea59deb92c_JaffaCakes118
Size

39KB
MD5

73957ff3abb2a237481d6aea59deb92c
SHA1

8f35791252ab2b41b08e543dcaa7199d1a5e6983
SHA256

37ab235ee9bdddb5b2975b1e7e1bfb993b1e8a8c8ca179127839c933ce20f93f
SHA512

ccb0c5bf3fe855c98da5032fabbb2a9bd485121745ac0f39ca5104b86e17e8aaf8187470c01fd0671786f40ca31ccc1500666ab1bb0c2fe55e5609a398a8f1e4
SSDEEP

768:mxbP2UDZav6H57lWTYi75Pw7j22vNo5olRvgCxrGlLMQaA8wQG9gJTpZVd:mxx8v6HFBitP0TvHRvgQ1QQrXx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73957ff3abb2a237481d6aea59deb92c_JaffaCakes118

Files

73957ff3abb2a237481d6aea59deb92c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9fd9a283053d288bf75570bf32dfd1ef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
ExitProcess
FatalAppExitA
FindFirstFileA
FindResourceA
FreeLibrary
GetACP
GetCommandLineA
GetConsoleCP
GetCurrentDirectoryA
GetCurrentProcessId
GetLastError
GetLocaleInfoA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetStartupInfoA
HeapAlloc
HeapCreate
HeapReAlloc
LCMapStringW
LeaveCriticalSection
LocalAlloc
MultiByteToWideChar
RtlUnwind
SetLastError
SetProcessWorkingSetSize
SetUnhandledExceptionFilter
TlsSetValue
VirtualAlloc
WriteFile
lstrcpyA
lstrlenA

msvcrt

__p__commode
__set_app_type
_wcsicmp
exit
free
isdigit
__getmainargs

user32

GetParent
GetSysColorBrush
MoveWindow
PostMessageA
TrackPopupMenuEx

winmm

mixerGetLineControlsA
mmioClose
mmioDescend
mmioFlush
mmioRenameA
mmioSetBuffer
sndPlaySoundA
timeGetTime

Exports

Exports

DrawTextWCP_ME
VersionNumberUCScribe

Sections

.text
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ