839e77a78bc370fb594544be350a685b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

839e77a78bc370fb594544be350a685b_JaffaCakes118
Size

19KB
MD5

839e77a78bc370fb594544be350a685b
SHA1

d4bd170820b93a2d1e5da3357fc713602ab7dbbe
SHA256

24263a4821aa58b7bee9886cfe0aa8511139c827c65fb96227048b64ac894998
SHA512

c3a1b08188cb8f1405126f6c5850feb0426b79b87b1e187dd863f11d03842dcc8345e7be155dbf12e2d692bc2e4fa3edf9ed23b6870517da44c9a9ed595965dd
SSDEEP

192:EXaNMOhYzUSvs1d12A7Zz2jPhM4Z3Zx/9a6+:EXaNM0LSWfVz2jJvxPV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
839e77a78bc370fb594544be350a685b_JaffaCakes118

Files

839e77a78bc370fb594544be350a685b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cb156e34906b0dc50cdd5fbfa6f6e6f7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetExitCodeThread
PulseEvent
ReleaseMutex
GetOEMCP
CreateMutexA
GetThreadTimes
IsDBCSLeadByte
GetModuleHandleA
SetEvent
CompareStringA
TlsGetValue
GetLargestConsoleWindowSize
GetDefaultCommConfigA
GetUserDefaultLangID
GetThreadLocale
GetThreadPriority
TlsFree
GetConsoleCP
VirtualAlloc
CallNamedPipeA
AddAtomA

user32

GetDC
GetClassNameA
IsWindowVisible
CloseWindow
GetActiveWindow
InvalidateRect
GetWindowTextA
ReleaseDC
IsIconic
GetWindow
RegisterClassA
ReleaseDC
GetWindowTextLengthA
ShowWindow
GetForegroundWindow
GetSystemMetrics
GetClassInfoExA
ValidateRect
GetFocus

tapi32

MMCSetPhoneInfo
MMCSetServerConfig
MMCShutdown
MMCSetLineInfo
MMCInitialize

mlang

DllGetClassObject

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ