94081d6a5b63a0e19e54bb25a3fcb0dd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

94081d6a5b63a0e19e54bb25a3fcb0dd_JaffaCakes118
Size

131KB
MD5

94081d6a5b63a0e19e54bb25a3fcb0dd
SHA1

17ae69cc3a5f20259a0793b66fecdfba613c3952
SHA256

ea463b22d5d9b42eb84019ef59313a0d5d5039dfe6b2cca52e8a1c58f7fa7691
SHA512

56d2180d57f0986493a5d8520de3c685dab594cd37f3dceff1d5fd57f526543fbde210320677f1b32945ea44e96abf995b23339e8ba91eec29afa26e7b1ebebe
SSDEEP

3072:6sIdYEhvawBFjEN09IssdH5JTBqCt+E53L9bg:6sIGRssdZJT0ENLi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
94081d6a5b63a0e19e54bb25a3fcb0dd_JaffaCakes118

Files

94081d6a5b63a0e19e54bb25a3fcb0dd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

77c532726c64a8b54ba76852be86cdbd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetStringTypeW
GetSystemDirectoryW
IsDebuggerPresent
LoadLibraryA
VirtualAlloc
VirtualFree
lstrcmpiA

user32

CharNextA
DefWindowProcA
DrawTextA
EnableWindow
GetActiveWindow
GetClassInfoA
GetFocus
GetSubMenu
GetWindowPlacement
GetWindowTextA
LoadBitmapA
LoadIconA
SendMessageA
SetWindowPos

gdi32

CreateDIBSection
CreatePenIndirect
DeleteEnhMetaFile
Escape
GetClipBox
GetDeviceCaps
GetStockObject
GetTextExtentPoint32A
GetTextMetricsA
GetWindowOrgEx
SetBrushOrgEx
SetDIBColorTable
SetWinMetaFileBits

shell32

CommandLineToArgvW
SHAddToRecentDocs
SHAppBarMessage
SHCreateDirectoryExW
SHGetFileInfoA
SHGetFolderPathA
SHGetSettings
ShellExecuteW

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ