837578af539a942bd0a0bd302dfb5e4c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

837578af539a942bd0a0bd302dfb5e4c_JaffaCakes118
Size

341KB
MD5

837578af539a942bd0a0bd302dfb5e4c
SHA1

cd6f4ea961939aa164ee40a1bddeb1803984b6ac
SHA256

a16a36ca5a3bcc9d25f65d738ac69ee917c295841ef46fc0e169d2aedfde0287
SHA512

97a5c8a03b9cd05f2dc71b58141bd546d70c85e547e576862ff7b20494cd56ca7882e8afd7a0caff7ded3f0a3894d9891f9905edbec0561d4521d7670e7c92b1
SSDEEP

6144:GyShCdfgM4p29UN3/T6YAOq0uzxR4XDcXOP47YxNA1Ll5yYkeP0URnLu:GyLfU4QmDOql6DVIyNduMUdu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
837578af539a942bd0a0bd302dfb5e4c_JaffaCakes118

Files

837578af539a942bd0a0bd302dfb5e4c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a15da15447902a0cb724ec620d7c2cf2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalMemoryStatus
GetSystemTime
InterlockedExchange
GetSystemDefaultLCID
GetOEMCP
GetTapeStatus
LoadLibraryA
GlobalSize
GetTimeFormatA
VirtualProtect
ResumeThread
IsDebuggerPresent
FreeConsole
GetCurrentProcessId
PeekConsoleInputA
HeapCreate
GetACP
GetModuleHandleA
HeapDestroy
GetCommandLineA
WaitForSingleObject

user32

ReleaseDC
GetCursorPos
wsprintfA
BeginPaint
GetDC
GetFocus
DrawTextA
DragDetect
SetForegroundWindow
FillRect
GetParent
EndPaint
AnyPopup
GetWindow
GetTitleBarInfo
FrameRect
GetClassNameA
ShowWindow
CreateIcon

atl

AtlModuleInit
AtlAdvise
AtlModuleTerm
AtlGetVersion
AtlUnadvise

msutb

GetPopupTipbar

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 840KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ