786b1f97ab860ce944c00feb15bb0642_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

786b1f97ab860ce944c00feb15bb0642_JaffaCakes118
Size

117KB
MD5

786b1f97ab860ce944c00feb15bb0642
SHA1

643649fa9446c9ab3a5459a000baa4a4304335ff
SHA256

45549bacf1efa82015ea244301ad5837428aaa808eb2db487bea375b44f6d127
SHA512

063a0cf206602c41c7cbb2e5877c997802cb639002df89259b67e8b6d86e3089b0983678b462b2d0da3e0c73845fd9447ef53a12f31310531155086ae8d2c75f
SSDEEP

3072:fxN+zwiTL29Owo964hfAAJNn0ql5CV4PYzCb1ut:f2klY39+A4M5myYeu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
786b1f97ab860ce944c00feb15bb0642_JaffaCakes118

Files

786b1f97ab860ce944c00feb15bb0642_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5734dd26f54254fffbfc7c169ec1fb9b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

W:\AJbqeX\sclhXm\menxuon\nkeiudsx\eaGJro.pdb

Imports

user32

LoadCursorW
PostThreadMessageW
DispatchMessageW
DefWindowProcA
SetActiveWindow
ShowWindow
RegisterClassA
GetKeyState
GetUserObjectInformationW
CharLowerA
DialogBoxParamA
GetShellWindow
GetPropW
IsCharLowerA

ntdll

_itoa
_wtol

kernel32

SleepEx
CreateDirectoryA
WaitForSingleObjectEx
GetCurrentProcess
TerminateProcess
FindNextFileA
GetCommState
FindNextChangeNotification
lstrcatA
_lcreat

gdi32

SetTextColor
SetWindowExtEx
GetTextExtentPointA
SetTextAlign
GetDIBits
LPtoDP

Exports

Exports

?GetEnvironmentVariableA@@YGXEPAG_KPA_W@Z

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 1024B - Virtual size: 835B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 24KB - Virtual size: 356KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sdata
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ