87c8e1bfd734f27bfd0d3ec3cfd53bcc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

87c8e1bfd734f27bfd0d3ec3cfd53bcc_JaffaCakes118
Size

261KB
MD5

87c8e1bfd734f27bfd0d3ec3cfd53bcc
SHA1

40669b5ec589bd4284f9b77a83fa0de992c25978
SHA256

33330d8e6cbaafe0176124e65104a1d6fdbb7277898003ec8db7f04841eea830
SHA512

01aac33e593322cf34111baa132de34e5a2c98451c6567639d5254ba8999bfa33aec6574e7fb2578751eb031d6aba31f536e46b57c11c16def73b363d84aec62
SSDEEP

3072:OsWIWqYcQ0e0r7bKMsgmOESTT9YGRVXeLKQ8gXIJrbHTIKOIDXdpAj/KIzg5:OsWIhRbK9gmDSXKGRVXeLM0YrXjGg5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
87c8e1bfd734f27bfd0d3ec3cfd53bcc_JaffaCakes118

Files

87c8e1bfd734f27bfd0d3ec3cfd53bcc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e70b47025afc148030ef5ddf127d7e57

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControls

user32

GetInputState
GetMessagePos
CharNextA
GetDesktopWindow

kernel32

IsDebuggerPresent
GetCurrentThreadId
GetACP
GetCommandLineW
GetUserDefaultLangID
lstrlenA
GetVersion
GetCommandLineA
lstrcmpiW
GetConsoleOutputCP
VirtualAlloc
GetCurrentProcessId
GetModuleHandleA
GlobalFindAtomA
GlobalFindAtomW
MulDiv
lstrcmpiA
CopyFileA
GetThreadLocale
GetCurrentThread
GetDriveTypeA

gdi32

BeginPath
RestoreDC
UnrealizeObject
SetTextColor
ExcludeClipRect
GetTextMetricsA
SetBrushOrgEx
GetDIBColorTable
SetColorSpace
SetWindowExtEx
LineTo
GetDeviceCaps
GetStockObject
OffsetViewportOrgEx
GetPaletteEntries
SetViewportOrgEx
EndPath
SetBkMode

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 175KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ