83acc99935507289b990b6eacf8616fa_JaffaCakes118 | Triage

Sharing

General

Target

83acc99935507289b990b6eacf8616fa_JaffaCakes118
Size

47KB
MD5

83acc99935507289b990b6eacf8616fa
SHA1

c715873ca3af24006395b60b5ed484bddd871653
SHA256

74fbc5421343790aeee2c803ea5c3486dcbfa8ccf47629c27933f16c440b20de
SHA512

606f782ef13a8a4849016c35c5eb5eb55fa3d034c3111ad17fef963a40e4668ef301693be16f7609099937aa69522f1cbe82dc028c95896718683aa860d161f6
SSDEEP

384:iNGeRKD/YF3FQae21c7iQPx16gs3BWLVl/A3DH7zEV/1WXDSfZ6UtTr:igPY5OD7iQPxjFBOTnE1Y2MUV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
83acc99935507289b990b6eacf8616fa_JaffaCakes118

Files

83acc99935507289b990b6eacf8616fa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

75efe50ab8bfc61bbc0b28e738f82ac4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
GetCommandLineA
GetModuleHandleA
LocalFree
Sleep
LocalAlloc
CloseHandle
GlobalAlloc
GetLastError
GetFileSize
GetVersionExA
FreeLibrary
lstrcpyA
GetStartupInfoA
lstrlenA
GetStdHandle
CreateEventA

gdi32

ExtTextOutA
GetBkColor
GetTextColor
DeleteObject
GetTextMetricsA
GetObjectA
GetDeviceCaps
SetBkMode
GetTextExtentPoint32A
PatBlt
SetROP2
CreateCompatibleDC
GetStockObject
CreateSolidBrush
SetPixel
MoveToEx

user32

DispatchMessageA
GetFocus
SetFocus
DestroyWindow
GetSysColor
MessageBoxA
PostQuitMessage
CreateWindowExA
DefWindowProcA
SetWindowTextA

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ