a114da736592860009233c6ddaab4692_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a114da736592860009233c6ddaab4692_JaffaCakes118
Size

104KB
MD5

a114da736592860009233c6ddaab4692
SHA1

2af09601096f499dda6ebcf84d3100974ec3b6fb
SHA256

93aad79e02d8ba0ce37a761bbdf77f7b5f1ec22bc10af66a0451b5c6911f586c
SHA512

e0a5da6fdd07ac8f519e30c406453d62f84d475dfa6acf8a4cbd06311e99cf59ed18077f7c8476a23960267cab054cfd89efaedcf508c07fa9278a1835ff4238
SSDEEP

1536:7NzlRnfWxHlfy5uIZQEm6y++YH4hwPvIgx+G+HqkYAcEAiKH3ZvhF9:LFWxF4unK4hqx+G+HgnE9KH3LF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a114da736592860009233c6ddaab4692_JaffaCakes118

Files

a114da736592860009233c6ddaab4692_JaffaCakes118
.exe windows:4 windows x86 arch:x86

55160d7d7d10ffee58e8dde9d84534cf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MoveFileExW

user32

TranslateMessageEx
FindWindowExW
OpenInputDesktop
DialogBoxParamW
GetUserObjectInformationW
CreateDialogIndirectParamAorW
GetTabbedTextExtentA
CliImmSetHotKey
TranslateAcceleratorA
ActivateKeyboardLayout
SetWindowsHookA
CreateMDIWindowW
EnumWindows
SetCapture
SetSystemCursor

shell32

Shell_NotifyIcon
StrChrIW
PrintersGetCommand_RunDLLA

gdi32

GdiInitializeLanguagePack
GetRegionData
GetColorSpace
AbortDoc
Rectangle
GetEnhMetaFileDescriptionA
GetTextCharacterExtra
CreateDCW
GdiAddGlsRecord
PATHOBJ_vGetBounds
FONTOBJ_cGetAllGlyphHandles
HT_Get8BPPFormatPalette
GetViewportExtEx
GetOutlineTextMetricsA
PlayMetaFileRecord
GetFontUnicodeRanges
GdiProcessSetup
CreateHalftonePalette
Rectangle

Sections

CODE
Size: 12KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pack32
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ