87d7e33b76c69c3d54eff348477cef2b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

87d7e33b76c69c3d54eff348477cef2b_JaffaCakes118
Size

289KB
MD5

87d7e33b76c69c3d54eff348477cef2b
SHA1

111df64a04022035bdb6d04844536b1483d4a588
SHA256

46c4f663bc97f0e79f01f57dcb9780c89dc4b34bc8f1ed89c557cdf1a6d9b229
SHA512

8c92f57acf1d1501eb969e08ee3db0fd7dbd7f2c86fca50164bd5ca116f5d0627f5acaa4d1bedfe2f07b5216398bddee5885889f2710202a1cd8855a72e34096
SSDEEP

6144:1qbuP9tg1jDnrU86FW4HrH6b9GnBC4EQ0D3hybTH0FG:OuijXLK6b9IjOG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
87d7e33b76c69c3d54eff348477cef2b_JaffaCakes118

Files

87d7e33b76c69c3d54eff348477cef2b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

27f15687e12679478dc9422f521be644

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateEventA
CreateMutexA
CreateThread
EnterCriticalSection
ExitThread
FreeLibrary
GetCurrentThreadId
GetFileAttributesA
GetTickCount
GetVersionExA
GetVersionExW
GetWindowsDirectoryA
GlobalAlloc
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
SetEvent
Sleep
WaitForSingleObject
WriteConsoleA
WriteFile
lstrcpyA
lstrcpynA
lstrlenA

user32

BeginPaint
CharUpperBuffW
CopyRect
GetMenuState
GetScrollInfo
GetSystemMenu
OffsetRect
PostMessageW
RemovePropW
SendDlgItemMessageW
SendMessageW
SetScrollInfo
UnregisterClassW

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 274KB - Virtual size: 277KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ