839aea7d5adbe7cda4be204f294f7bdf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

839aea7d5adbe7cda4be204f294f7bdf_JaffaCakes118
Size

94KB
MD5

839aea7d5adbe7cda4be204f294f7bdf
SHA1

ed4d09f6b7abdb2db628eb55e6475c20e2378e7f
SHA256

8c0c1ef1d7731b078bcdf25014df9bfff327d62c9a5635a5682b3ccf682c7c12
SHA512

0668e5ed413eba7dc16b1d996f3364d9e371433d55505b514efab0840aeeea1f63fe8c69e670d0cc4d9b2c2b203102a49e35c2a2768f9eeb792de1c3a6387c53
SSDEEP

1536:/yrY2ZHpXhaCAsUZnGsN14KFh5YKoVq+AXJoRFKs1S44KTd8BvjB:qY2xp4xzJGwrFrHoaaKs1bGB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
839aea7d5adbe7cda4be204f294f7bdf_JaffaCakes118

Files

839aea7d5adbe7cda4be204f294f7bdf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

222ed9e0dc1e3c8637a5b414c53367d3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEvent
GetModuleHandleW
OpenFileMappingW
GetUserDefaultUILanguage
VirtualAlloc
InterlockedDecrement
VirtualFree
GetTimeFormatW
LoadLibraryA
HeapFree
VirtualProtect
GetModuleHandleA

msvcrt

_ismbbkalnum
memcpy
cosh
_ismbbkpunct
fgetpos
iswascii
_lseek
is_wctype
getwc
getenv
_expand
_wstrdate
_aexit_rtn

comdlg32

dwLBSubclass
Ssync_ANSI_UNICODE_Struct_For_WOW
PrintDlgExA
LoadAlterBitmap
PrintDlgExA
PageSetupDlgA
ChooseColorW
dwOKSubclass
ReplaceTextW
GetSaveFileNameA
WantArrows
GetFileTitleA
CommDlgExtendedError
PrintDlgA
FindTextW

winmm

mmTaskSignal
waveInClose
WOW32DriverCallback
mmioFlush
mmioSeek

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ