7787dcc0296e6fc8f2a2452101ff66d0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7787dcc0296e6fc8f2a2452101ff66d0_JaffaCakes118
Size

342KB
MD5

7787dcc0296e6fc8f2a2452101ff66d0
SHA1

5b543420ae1dc3b6f7987d8230b2e3fb867c9072
SHA256

dc0e954f0f4e0a9b5b4d8b5ef23b72ec1ca041afcd76bedfce83b1a0cdb31c08
SHA512

f8217c71059d2e1731ade98d77e4c934691c6de59b0e412c285a98926310bec0303856e22ec681a24ba088f7fc4e4d2ab4d272ed7ef6c34f7fb1c971f3ab2be1
SSDEEP

6144:DqtXYveIk44ai9PakfDYtlUKS2pf/xYLcu5NC9wXMq0jKI/gr3tV:KYvDsakbClM2pxYB3CuM/xKtV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7787dcc0296e6fc8f2a2452101ff66d0_JaffaCakes118

Files

7787dcc0296e6fc8f2a2452101ff66d0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b8549f6385a2981cac1f1f8407280a2a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateMailslotA
GlobalUnlock
IsDebuggerPresent
GetModuleHandleA
GetACP
HeapCreate
GlobalLock
GetConsoleCP
LoadLibraryExA
CreateFileA
CreateEventA
IsBadReadPtr
FindClose
FreeEnvironmentStringsA
GetStdHandle
CreateFileMappingA
CloseHandle
lstrlenA
GetLastError
LocalFree

user32

CheckMenuItem
GetDlgItemTextA
RedrawWindow
SetFocus
DialogBoxParamA
GetIconInfo
DispatchMessageA
EndDialog
GetListBoxInfo
GetDC
GetDlgItem
GetMessageA
IsMenu
DrawIconEx

uxtheme

GetThemeColor
GetThemeMetric
CloseThemeData
EnableTheming
DrawThemeIcon

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ