a42d8dcee7c28cd53afac0f789617895_JaffaCakes118 | Triage

Sharing

General

Target

a42d8dcee7c28cd53afac0f789617895_JaffaCakes118
Size

80KB
MD5

a42d8dcee7c28cd53afac0f789617895
SHA1

47e84b16171e45fdaa35f3bd69c376442c9a8a6b
SHA256

6c9d748484021b2b7ee9722695432f73d0f5f2b5d7c19ffcc2bccaafe5d040b5
SHA512

da8b6fc8045ee0d8b4d1a7fc3a4c5d8ed9889d8f2691a53751859ef99418f9610af69d6a74a5eca9dbec18cad3d4620e990ce57e62cb6084660ff718c6636cd3
SSDEEP

1536:lzM1flQHFOlOlohObpbIeJzJSMcvlcPFDcL5TZRzFeg:hylQHFOqom2eKPlcAPp9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a42d8dcee7c28cd53afac0f789617895_JaffaCakes118

Files

a42d8dcee7c28cd53afac0f789617895_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cbaf3da9c0d0762241bff261fc1c9d9b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
HeapReAlloc
GetProcessHeap
GetACP
GetCPInfo
WriteFile
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetFileType
HeapAlloc
VirtualAlloc
FindResourceA
LoadResource
LockResource
GetOEMCP
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetStringTypeW

user32

SetTimer
PostQuitMessage
DefWindowProcA
GetDC
wsprintfA
LoadBitmapA
ReleaseDC
LoadImageA
LoadCursorA
RegisterClassExA
RegisterClassA
CreateWindowExA
ShowWindow
UpdateWindow
PostMessageA
GetMessageA
TranslateMessage
DispatchMessageA

gdi32

GetObjectA
SelectObject
BitBlt
DeleteObject
DeleteDC
CreateCompatibleDC

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ