a453c64f00caa64e5e63dabb78cd5a62_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a453c64f00caa64e5e63dabb78cd5a62_JaffaCakes118
Size

373KB
MD5

a453c64f00caa64e5e63dabb78cd5a62
SHA1

4482beae1a6f86b8fb607b37052841dd82543ccb
SHA256

d899d4d4df62850a560de7c71d3297c9cd62d9752627ffb247d04dc32a1f2eec
SHA512

f214b84d4a87036746c039aba8f6154e72eec489215ea63eb0e7d3efc690a00bb1f8798e6c1af58f23961121ee42349a9d766f404f742f852bd0c838c426e315
SSDEEP

6144:Y362i1C7EmJhPzvpwUop+N5qoNTuvE08ESXUjKiGlBQs41rrVLnNrSzim:862fPNw3+v7Up8bXv1BQs41nVLntS2m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a453c64f00caa64e5e63dabb78cd5a62_JaffaCakes118

Files

a453c64f00caa64e5e63dabb78cd5a62_JaffaCakes118
.exe windows:4 windows x86 arch:x86

88c64f6b5765e4706015bdaea91fc50c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeEnvironmentStringsA
WaitForSingleObject
CreateFileMappingA
GetConsoleCP
FindAtomA
GetConsoleAliasA
LocalFree
GetLastError
LocalLock
GetCalendarInfoA
HeapCreate
CreateFileA
FindClose
LocalUnlock
IsDebuggerPresent
GetModuleHandleA
CloseHandle
TlsGetValue
LoadLibraryExA
GetACP

user32

DrawTextA
CallWindowProcA
CascadeWindows
DefWindowProcA
GetIconInfo
DrawEdge
SetFocus
DispatchMessageA
GetDC
GetMessageA
IsWindow
GetDlgItem
CreateDialogParamA
DrawIconEx

msasn1

ASN1BEREncFlush
ASN1BERDecEoid
ASN1BEREncLength
ASN1BERDecCheck
ASN1BERDecBool

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ