878e6d4e08c0648965c219aafe17c63e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

878e6d4e08c0648965c219aafe17c63e_JaffaCakes118
Size

393KB
MD5

878e6d4e08c0648965c219aafe17c63e
SHA1

81c2d1e7af18f04de30c6a17fcf4f97a91a3387d
SHA256

a1deb1c22dae390608abf432b58a1c1ebe314869279c1d21fb44f908fbb530e9
SHA512

16840e2cad55086150d8b993a1c463d7daace8d97dece8d88394b9466224df5a2f955c7c684fe044236611b5612bf7fa9add08d309e7d78c1e8eb28db542ac60
SSDEEP

12288:aYzh/yF1tpKV+n4o6/yf81C1/FVKrm0IBVPk:aYEzKavfX0eRk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
878e6d4e08c0648965c219aafe17c63e_JaffaCakes118

Files

878e6d4e08c0648965c219aafe17c63e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c246d8f90902b29be0456c99971d3031

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExW
GlobalUnlock
FindResourceA
TlsGetValue
GlobalFree
CloseHandle
GetEnvironmentVariableA
ReleaseMutex
DeleteAtom
GetModuleHandleA
ExitThread
GetACP
HeapCreate
GetCommandLineA
SetLastError
CreateMutexA
FindClose
PulseEvent
CreateProcessA
CreateFileA

user32

GetDC
DrawEdge
SetFocus
GetIconInfo
DefWindowProcW
CallWindowProcA
DispatchMessageA
GetDlgItem
CheckRadioButton
DrawMenuBar
FillRect
IsWindow
CopyRect

msasn1

ASN1BERDecCheck
ASN1BERDecNull
ASN1BEREncBool
ASN1BEREncEoid
ASN1BERDecBool

clbcatq

SetupOpen

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ