970d07d542cd0577109a44befec95c8b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

970d07d542cd0577109a44befec95c8b_JaffaCakes118
Size

102KB
MD5

970d07d542cd0577109a44befec95c8b
SHA1

f83678be35c093d527ae1048c31accffeb44722f
SHA256

72366b23f18003d00bbcef47104dae5f74bc64285b87d9cea2150eec9ddeb368
SHA512

e063247127c17a4eb05e928727f647d2b6493e958ac955a2bc6d20030bf1ae613157c88751bef9a0717def613ef0f29bd9763ee875baca545006dce8ccd2faa6
SSDEEP

1536:afgyGvmEgijvqqNLcO/F2CALyugqkJ99r25q7dMxKrUb7oGwp3nqsGwFCkabFJsj:afgEOiylER0a5IyTb7F23nqCsJJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
970d07d542cd0577109a44befec95c8b_JaffaCakes118

Files

970d07d542cd0577109a44befec95c8b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2d7b4f4c82dcd93ac67f4c32d6b5b479

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
SetHandleCount
SetFilePointer
lstrcpynA
TerminateProcess
lstrcpynW
CreateFileA
GetCommandLineA
WriteFile
GetStringTypeA
lstrcatA
GetFileType
MultiByteToWideChar
GetACP
GetOEMCP
GetVersion
GetStdHandle
LCMapStringA
GetCPInfo
GetCurrentProcess
GetStartupInfoA
lstrcpyA

user32

LoadMenuA
DialogBoxParamW
DrawIconEx
EndDialog
GetCursor
GetDC
CreateIcon
GetWindowTextLengthA
CopyRect
GetWindowTextA
GetMenu
DrawTextW
LoadCursorA
DrawTextA
CopyImage
DialogBoxParamA
DrawIcon
GetFocus
CloseWindow
CopyIcon
IsMenu
IsWindow

comctl32

ImageList_LoadImageA
CreateStatusWindowW
DrawStatusText
DrawStatusTextW
ImageList_GetIcon
ImageList_Draw
CreateStatusWindow
InitCommonControls
ImageList_GetIconSize
ImageList_LoadImageW
CreateToolbar

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 16.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ