8bc870a1846492e2f74d9501dc37bf36_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8bc870a1846492e2f74d9501dc37bf36_JaffaCakes118
Size

172KB
MD5

8bc870a1846492e2f74d9501dc37bf36
SHA1

fb6d270019147e1324bb6a9d24f6338f04e35344
SHA256

0151b5ab78947da0d6c4c677463e068d0cb9a5ca4f1046cadd1dceb6b5c344b7
SHA512

e269f97b6f24b0343f2cad9b4a5abd11713e225f13628f6b77bf1e661e21290b65932124c53214661b055062160a55f53f787b67054232608a602310fddba52b
SSDEEP

3072:eMQiCd27pvj0GXVySqSTyksJuTtMjoLgxVxCGUKS6bxwk3UJOgFBeWR1CVPC:eM5HXVyShTykrwo8xV+36b2kk0KfCa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8bc870a1846492e2f74d9501dc37bf36_JaffaCakes118

Files

8bc870a1846492e2f74d9501dc37bf36_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4f643de6773aca5e115dee230c40ffa6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Q:\ccQnToahm\gyNsGLMBVn\aAijnOsgoDszno\Lbhqnkwtyy.pdb

Imports

user32

CreateDialogParamA
GetWindowDC
AllowSetForegroundWindow
ClipCursor
SetActiveWindow
IsCharUpperW
GetUpdateRect
OpenIcon

shlwapi

ChrCmpIW

kernel32

LoadLibraryA
DeleteCriticalSection
lstrlenA
SetMailslotInfo
GetModuleFileNameA
LoadLibraryExA
GetModuleHandleW
GlobalHandle
LoadLibraryExW
DeleteFileW
GetLocalTime

msvcrt

strlen
_controlfp
gets
__set_app_type
__p__fmode
__p__commode
_amsg_exit
_initterm
_ismbblead
_XcptFilter
_exit
localtime
calloc
_cexit
__setusermatherr
__getmainargs

gdi32

CreateDiscardableBitmap
CreateFontW
GetSystemPaletteUse
GetTextFaceW
SetDIBColorTable
SaveDC

Exports

Exports

?CreateDlgMessage@@YGHPAXPADK|U

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.hill
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 142KB - Virtual size: 327KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE