007da3eb63dd1c86ed75ca2b0a063cbb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

007da3eb63dd1c86ed75ca2b0a063cbb_JaffaCakes118
Size

508KB
MD5

007da3eb63dd1c86ed75ca2b0a063cbb
SHA1

d711251f7cb1accfc8802b3595b5c95e550b1c28
SHA256

8ca6db514c7d1777f78707244f770ba0f9f77c021a6da78081265083ad7ea235
SHA512

534c7775d68a8f61ae8bae35ae19d4e99c865c8720a154556937aa6bfa579910040d17275cf32dd740bd8298138d1ef46753600d0532140fa82678767b33658a
SSDEEP

12288:5Nt2l4uTa+giVHB9/g8wVUzt346q6AbsoNleCEl:5Tbd+gi/HwCu6zfsEl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
007da3eb63dd1c86ed75ca2b0a063cbb_JaffaCakes118

Files

007da3eb63dd1c86ed75ca2b0a063cbb_JaffaCakes118
.exe windows:1 windows x86 arch:x86

b45d6ea2aeb69b3d3c9c13f452223546

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlen
VirtualAlloc
VirtualFree
GetModuleHandleA
EnumUILanguagesA
GetProcAddress
ExitProcess

user32

DialogBoxParamA
GetDlgItemTextA

gdi32

CheckColorsInGamut

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 41KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 390B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 276B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE