a2c01b5b508c0f130179bec68ce598f6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a2c01b5b508c0f130179bec68ce598f6_JaffaCakes118
Size

37KB
MD5

a2c01b5b508c0f130179bec68ce598f6
SHA1

8f15571653d4de421784ee858f71e0f340e455ec
SHA256

a1c05d9f095b05bc9393c20aba6d0480a4fb34c784b324868d01095e7f86c0c4
SHA512

d4ce6cfe723a53ec4054b5f21425b87fc76fbbfc9bebb5aef6f537f04340c6a5bf733fd8c707d1fa41a5607c711a71f5821e0026f5845c82161e2f0e4f7692a7
SSDEEP

768:D9tf1xInxWe+AaN6zA4hZBsEcX6FPwls9d2YVAob6KPX5+0iEtaUIz:Jtr6xWeT/zA4h7sJqwa9d2YSAtwz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a2c01b5b508c0f130179bec68ce598f6_JaffaCakes118

Files

a2c01b5b508c0f130179bec68ce598f6_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c08342a63666e276ccd76a2710dd42d2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

X:\icciJhfHYaB\GilfyUUDGJfJzi\wkjVdosXjmFn.pdb

Imports

msvcrt

_controlfp
strpbrk
__set_app_type
__p__fmode
__p__commode
_amsg_exit
strlen
_initterm
_ismbblead
_XcptFilter
iswalpha
_exit
swscanf
_cexit
__setusermatherr
__getmainargs

kernel32

GetComputerNameW
lstrlenA
GetModuleFileNameA
LoadLibraryA
SetPriorityClass
GetModuleHandleW
ExitThread
LoadLibraryExA
TerminateThread
GetFileType

gdi32

GetTextColor
SetTextAlign
CreateHatchBrush
GetNearestColor
GetCharWidth32W

shlwapi

ChrCmpIW

user32

GetDlgItemInt
ChildWindowFromPoint
GetDlgItemTextW
GetWindowDC
SetWindowRgn
LoadCursorW
ReplyMessage
IsCharUpperW

Exports

Exports

?CreateDlgMessage@@YGHPAXPADK|U

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.xyz
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE