93a758f2ffda30e18f7520dd80663e94_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

93a758f2ffda30e18f7520dd80663e94_JaffaCakes118
Size

42KB
MD5

93a758f2ffda30e18f7520dd80663e94
SHA1

901c00a1078f40bf1075538fa2a978defd588cf4
SHA256

4e775327bc98ccc5af4f1563256e76e79d159ee71d418bdad0f0f43946c38e99
SHA512

2fc149f9ca04f74029797d69101aeaa16ff04dc2df95058b82f20f0d9f01495569fdeef306018404b4d493f79f27acc577fade841bd0c825e1d9a4b03857f9e9
SSDEEP

768:T6E8nUsIZZ9kOJZy/F1Rpk9Kf2ox/TYhEJZAzIhFxHFpthiELMT51l:F8nCCO+/3b8EQMlHfq1l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
93a758f2ffda30e18f7520dd80663e94_JaffaCakes118

Files

93a758f2ffda30e18f7520dd80663e94_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a927e40423a382e7f99ea1a698a89863

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThread
HeapAlloc
GetProcessHeap
QueryPerformanceCounter
GetModuleHandleA
ExitProcess
CreateThread
InterlockedIncrement
InterlockedExchangeAdd
InterlockedDecrement
InterlockedExchange
GetCurrentProcess
GetTickCount
GetProcAddress

user32

GetMessageA
CreateWindowExA
RegisterClassExA
TranslateMessage
DispatchMessageA
DestroyWindow
DefWindowProcA
GetCursor
GetActiveWindow
FindWindowA

gdi32

GetBkColor
SetBitmapBits
GetObjectType
ResizePalette
CreateSolidBrush
SetGraphicsMode

Exports

Exports

?AJifoijfsc@@YAHHPADHH@Z
?AJifoijfsh@@YAHHPADHH@Z
?AJifoijfsi@@YAHHPADHH@Z
?AJifoijfsm@@YAHHPADHH@Z
?AJifoijfso@@YAHHPADHH@Z

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ