73bc5259ca62a3337ab1806f00cd0277_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

73bc5259ca62a3337ab1806f00cd0277_JaffaCakes118
Size

27KB
MD5

73bc5259ca62a3337ab1806f00cd0277
SHA1

bae132371800ad8188cfbec468819cf414278f77
SHA256

6e1e55c42be8cc8edc8f46b01ce408c7194880b52a5d05653188568e2aa69e40
SHA512

a91cba1616ccd1ee4790b63c081b1c0c22639db2947660617d1e4a541be9e6610f618f575be1590cc942dc29695f48177e2c3e65aab0f63e79ee391249bae802
SSDEEP

384:71WOlcO/On7M+b7UTw6AlT+WymHDoVIV1IHWNQhMZ:7vG7bb7UTyiWym1Dh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73bc5259ca62a3337ab1806f00cd0277_JaffaCakes118

Files

73bc5259ca62a3337ab1806f00cd0277_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6a401a4c440d8f74fcff5d6d23fb0068

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
CloseHandle
GetModuleHandleA
CreateEventA
lstrcatA
GetStdHandle
LocalAlloc
GlobalAlloc
GetVersionExA
GetCommandLineA
LocalFree
GlobalFree
GetStartupInfoA
GetTickCount
lstrcpyA

gdi32

ExtTextOutA
GetStockObject
SelectObject
SetPixel
CreateSolidBrush
GetTextMetricsA
GetBkColor
CreateFontIndirectA
DeleteObject
GetTextColor

msvcrt

__p__commode
memmove
__setusermatherr
_controlfp
_acmdln
_XcptFilter
_adjust_fdiv
__set_app_type
exit
__CxxFrameHandler
_exit
_except_handler3
toupper
_initterm
wcschr
wcstoul
_c_exit

user32

GetSysColor
SetWindowTextA
BeginPaint
EndDialog
DialogBoxParamA
MessageBoxA
ScreenToClient
LoadIconA
DefWindowProcA
DestroyWindow
GetClientRect
DispatchMessageA
PostQuitMessage
GetFocus
CreateWindowExA
EndPaint
GetMessageA
TranslateMessage

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ