776e41ac65c982156b6308e067a84c43_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

776e41ac65c982156b6308e067a84c43_JaffaCakes118
Size

441KB
MD5

776e41ac65c982156b6308e067a84c43
SHA1

2b0b51df5ae352a048b6d3a4b5e919ca1ab0164b
SHA256

39098f044d8989e79910588121cb3b0b06d2567a46e21d5cd2a3ea819719e711
SHA512

b75e2ede98df7baf7a1ae2f67e68d36e3be6ea7501b8bbc24f0b122e5d1d100a5e2603a32b76a6e1806f5f6f47846739d3dd0037130ec996a4e9d89a2065969b
SSDEEP

6144:Reoc6tAJpdK8d97itP6vKwL9VMbd0SWVi/tFH8eCwj9GyuH9YBYreU7:Moc6t4z9S4RL9VKL1VC+9TARX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
776e41ac65c982156b6308e067a84c43_JaffaCakes118

Files

776e41ac65c982156b6308e067a84c43_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9dc03912c53c86bbff574b156a29a003

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

GetWindowRect
IsIconic
SetForegroundWindow
SetRect
ShowWindow
GetLastActivePopup
EnumWindowStationsW
GetClientRect

kernel32

RemoveDirectoryA
GetProcessHeap
lstrcpynA
SetFileAttributesW
CopyFileW
ExitProcess
GlobalFree
GetStdHandle
GetModuleFileNameW
GlobalUnlock
CompareStringW
DeleteFileA
FormatMessageA
FreeLibrary
ExitProcess
GetModuleFileNameW
GetModuleHandleW
GetShortPathNameW
LocalFree
GetShortPathNameA
CopyFileA
GlobalAlloc
GetModuleFileNameA
RemoveDirectoryW
GetModuleHandleA
GlobalLock
DeleteFileW
SetFileAttributesA
CloseHandle
GetLastError
LoadLibraryA

dciman32

DCIBeginAccess

Sections

.text
Size: 181KB - Virtual size: 181KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bore
Size: 189KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE