867a45a2930a7647ade3a908f8e6ddda_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

867a45a2930a7647ade3a908f8e6ddda_JaffaCakes118
Size

32KB
MD5

867a45a2930a7647ade3a908f8e6ddda
SHA1

b206455302c65d629189a6ab016d6240dca94f44
SHA256

d27bd8e59cb14690cac89e156f51f40077d126af252d07a96108ed93ac8f594a
SHA512

59b3ad4a2900192c2de8a80e6bac1704dfc1aae3beb1a9c6100270515beacfbbc88a83dd1b63acf7b44846226579fbe52b30af2910ca07dbd7d770c229ab8c3b
SSDEEP

384:Vi1ubeECi8jBTLYIjn0bMqw5XpgaN5D01gn/JJpl2FwBUW:VLe3dtn0bsZpZN5D01o/f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
867a45a2930a7647ade3a908f8e6ddda_JaffaCakes118

Files

867a45a2930a7647ade3a908f8e6ddda_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ef082656c7b4a2fb421e1301fd263f29

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedExchange
MapViewOfFile
CompareStringA
CreateFileA
LocalAlloc
LCMapStringA
GetTempPathA
DisableThreadLibraryCalls
DuplicateHandle
Sleep
LocalFree
GetModuleHandleA
ReadFile
VirtualAlloc
ExitProcess
FormatMessageA
GetCommandLineA
CloseHandle
InterlockedCompareExchange
GetLastError
CreateFileMappingA
GetTickCount
UnmapViewOfFile

user32

FillRect
MessageBoxA
wsprintfA
ReleaseDC
GetSysColor
GetDC
ScreenToClient
SetTimer
KillTimer
GetSystemMetrics

gdi32

SetBkColor
DeleteObject
DeleteDC
SetTextColor
GetDeviceCaps
SelectObject

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ