a4ac8f9f5bd4c2302537060da0ef1bb0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a4ac8f9f5bd4c2302537060da0ef1bb0_JaffaCakes118
Size

261KB
MD5

a4ac8f9f5bd4c2302537060da0ef1bb0
SHA1

9d597891f8a5a23faf29ba634eae3ec538eb2226
SHA256

898d94f3323785a703a52b05f9fa3405f0f2e10afdee7b5c7e6e01b206fbeacb
SHA512

339c63adf41237ae7fa1a542004dd9609e3e8f6b4b7152b3670e925bc083176b13ef2c00421917440420d276bec0c629a0e91e0f02e9f4aa861395ba219be7e0
SSDEEP

3072:P2kaPwhLFarPlOcPMITDTUYS+EWciSqqFtFFjgnioeygSoKQ4u+pLgrNisM91H34:OXYN6PIfGDTpX3360s/NKjukUrYU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a4ac8f9f5bd4c2302537060da0ef1bb0_JaffaCakes118

Files

a4ac8f9f5bd4c2302537060da0ef1bb0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bb26150de90a84f02eae2a4ff5306854

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControls

user32

GetDesktopWindow
CharNextA
GetMessagePos
GetInputState

kernel32

GetDriveTypeA
lstrcmpA
GetCurrentThread
GlobalFindAtomA
VirtualAlloc
lstrcmpiA
GetCommandLineA
GetUserDefaultLangID
DeleteFileA
IsDebuggerPresent
GetModuleHandleA
GlobalFindAtomW
GetACP
lstrlenW
GetCurrentThreadId
MulDiv
GetCurrentProcessId
GetLastError
GetOEMCP
lstrcmpiW
SetCurrentDirectoryA
GetProcessHeap

gdi32

SetBkMode
ExcludeClipRect
SetViewportOrgEx
GetPixel
MoveToEx
SetWindowExtEx
EndDoc
RestoreDC
EndPath
SetMapMode
GetPaletteEntries
BeginPath
LineTo
GetDIBColorTable
SetTextColor

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 176KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ