789adeec4a5611fb076d53ed4dc8279a_JaffaCakes118 | Triage

Sharing

General

Target

789adeec4a5611fb076d53ed4dc8279a_JaffaCakes118
Size

330KB
MD5

789adeec4a5611fb076d53ed4dc8279a
SHA1

40041359e5a82a7b852b4ce45ab9047da5f0ce5c
SHA256

44c2f8d3b6b1aa714f341190da765421a9144c1557f3da0732d7242f3cc7df11
SHA512

344779af9a8e63b55e9a6cb0ea59e3233cc143be6b153f367a88e3434ae5a5e85ee0ff22a604cab1494c9550d919a4885be2b3ef9c66155d5391a357ba48162b
SSDEEP

6144:NqGtZYe5OviOQ6bQAZupq5MlZMb0Hhi7AcgeNyy0:NqGtZjOXQMupq59b0HI7a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
789adeec4a5611fb076d53ed4dc8279a_JaffaCakes118

Files

789adeec4a5611fb076d53ed4dc8279a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b1d448f27f7de837285abb9de9358b67

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

DeleteObject
SetBkMode
SetTextAlign
SetTextColor
SetBkColor
DeleteDC
ExtTextOutW
SelectObject
CreateCompatibleDC

kernel32

GetCommandLineA
FreeLibrary
GetProcAddress
GetStringTypeA
LoadLibraryA
WideCharToMultiByte
DeleteFileA
GetFileAttributesA
GetTempPathA
GetTempPathW
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
GetFileSize
LockFile
LockFileEx
UnlockFile

oleaut32

SafeArrayDestroyDescriptor
CreateErrorInfo
OleLoadPictureEx
GetErrorInfo
SetErrorInfo
GetActiveObject
VariantInit
SysFreeString

shell32

SHGetFolderPathW
CommandLineToArgvW
ShellExecuteW

msimg32

TransparentBlt

Sections

.text
Size: 203KB - Virtual size: 262KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE