8203e391db2b4bd383dfe7d78d0c26ed_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8203e391db2b4bd383dfe7d78d0c26ed_JaffaCakes118
Size

42KB
MD5

8203e391db2b4bd383dfe7d78d0c26ed
SHA1

83e55ac6a671bd78be94b17a76e24719697913c4
SHA256

d191533dea31bbde75bf84112b8750c8957b493c003ce5497cb27e5c87ef83bf
SHA512

20a3e354009068fa75e958eb0514a3549d9937d539b1e3163ad377616db74cb9616a7f397c9dc97acc92b5cd9ff6d68f2cc1e33f5ba5d8456d71f244210c625f
SSDEEP

768:7a0ICD6S06yuamjaMihN7E5PSCpBPO6TjYzz3RgyQ3zfNA8mVLu:7e9S06QTMibFz3KyQ28QL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8203e391db2b4bd383dfe7d78d0c26ed_JaffaCakes118

Files

8203e391db2b4bd383dfe7d78d0c26ed_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3f14b339fdb85788ba524b11aeb47d70

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MoveWindow
SendMessageA
TrackPopupMenu

kernel32

GlobalAlloc
GlobalFree
CloseHandle
DeleteFileA
RemoveDirectoryA
SetConsoleMode

advapi32

RegOpenKeyExA
GetPrivateObjectSecurity
IsTextUnicode
CreatePrivateObjectSecurity

Sections

.ediz
Size: 34KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lot
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fab
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jgn
Size: 1KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE