Static task: static1
Behavioral task: behavioral1
Sample: a07dd930687b771bea5ede91efb99510_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: a07dd930687b771bea5ede91efb99510_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: a07dd930687b771bea5ede91efb99510_JaffaCakes118
Size: 115KB
MD5: a07dd930687b771bea5ede91efb99510
SHA1: fe4cee9ce5a4b8c191bf1aaf1f36a88ca876be1d
SHA256: 97cea378eb140a46881925a1af98160092fd36023ab5282a5baf8cb24fda9341
SHA512: ad95e3b50ffd0fe762d5cba142922d27bc399acc657877a4d3fe6c2cfb8d991c026bf01ec6858417d8e4780c8b302943534bb7e3496677066533ad6b250943f3
SSDEEP: 3072:y1HoYk7avUXyiiagqPO4jQwYd4fAFwJgsAW51B:ybEPO4jQwiAAEsQL
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a07dd930687b771bea5ede91efb99510_JaffaCakes118
Files
a07dd930687b771bea5ede91efb99510_JaffaCakes118.exe windows:8 windows x86 arch:x86
d0e460196d2a92bb159c342c740fe255
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
MultiByteToWideChar
FormatMessageW
GetCurrentProcessId
SleepEx
GetTickCount
FormatMessageW
WaitForSingleObject
GetModuleHandleA
gdi32
SelectObject
GetTextMetricsW
PatBlt
CreateCompatibleDC
GetTextMetricsW
MoveToEx
user32
GetDC
SendMessageW
GetWindowRect
GetMessageW
SendMessageW
DestroyWindow
CreateWindowExW
GetMessageW
GetSystemMetrics
ShowWindow
SetTimer
ntdll
NtAllocateVirtualMemory
Sections
.data Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 92KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 104KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ