86d4049c0dcff125fcc8cb2f5bb4d583_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

86d4049c0dcff125fcc8cb2f5bb4d583_JaffaCakes118
Size

27KB
MD5

86d4049c0dcff125fcc8cb2f5bb4d583
SHA1

225e833e5abf0737ff99d866ae03dafee5ccb9ff
SHA256

2d60a24cb7e749b0276f680de2f1ec7c5e6027e419fcf2dad69ca242dccfe36a
SHA512

649d31d5b4324e5efd79885c7bb5b972555a7cb109fd341437c56e930e64b429fb7051e4f6e61dc5e4451b8738dfa157afd9dac1194895c9bc8d88ed7108e73c
SSDEEP

384:T5Ard93acccccccccccccccccccccccccccccccccccccccccccccccccccccccK:T5qd93lfM7UTyiWyy60h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
86d4049c0dcff125fcc8cb2f5bb4d583_JaffaCakes118

Files

86d4049c0dcff125fcc8cb2f5bb4d583_JaffaCakes118
.exe windows:4 windows x86 arch:x86

de6e30d576eb6c0d13af40e0a0447ab4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
CloseHandle
GetModuleHandleA
GlobalAlloc
LocalAlloc
GetTickCount
GetCommandLineA
GetStartupInfoA

msvcrt

_exit
__CxxFrameHandler
wcstoul
__p__fmode
memmove
__setusermatherr
rand
__getmainargs

gdi32

SetPixel
CreateSolidBrush
GetStockObject
SelectObject
CreateCompatibleDC
GetPixel
GetBkColor
SetBkMode
GetDeviceCaps
BitBlt
GetObjectA
CreateFontIndirectA
DeleteObject
LineTo
MoveToEx
SetROP2
GetTextColor
GetTextMetricsA
GetTextExtentPoint32A

user32

BeginPaint
SetFocus
LoadIconA
EndPaint
PostQuitMessage
MessageBoxA

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ