a4b90c7f85f885d0a827727c49b93114_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a4b90c7f85f885d0a827727c49b93114_JaffaCakes118
Size

85KB
MD5

a4b90c7f85f885d0a827727c49b93114
SHA1

efa28ab1a27d7c96897765a11d390de449030d59
SHA256

96f49136369b6e521695ef97e680a8b82edb969c57a047e2cce976ec624fd5ee
SHA512

2cc026ab226fd1cfa51b69a18c1b1ffae6b67994a8c0cbca2fd5e2795074600e52684a844af30e821b7c02b97b943e11737cbf92af41a34fd668cb6d4a795eda
SSDEEP

1536:qxH7MpyqlgrbBSjhwRmDdRFr4fN6MAHQPhOOunhzjcvU2iYPdQ:07MpyjrbBzmDdgF6M0QPynhzjc5W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a4b90c7f85f885d0a827727c49b93114_JaffaCakes118

Files

a4b90c7f85f885d0a827727c49b93114_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6bfb3f0f133503bf4bd32b8a42283304

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
malloc
free
memcpy
rand

comctl32

ord17

kernel32

CloseHandle
CreateMutexA
CreateEventA
VirtualQuery
GetModuleHandleA
WaitForSingleObject
SetEvent

user32

TranslateAcceleratorA
TranslateMessage
LoadStringA
GetMessageA
PostMessageA
LoadAcceleratorsA
MoveWindow
SetWindowPos
CreateWindowExA
InvalidateRect
GetScrollRange
SetScrollRange
SendMessageA
GetWindowRect
SetTimer
SetWindowTextA
DispatchMessageA
ShowWindow

Exports

Exports

?GetBlabla@@YGPAXXZ
?GetHKjhfdkhtgd@@YGPAXXZ
?GetKJjgfgjdgd@@YGPAXXZ
?GetUJlfdlgfd@@YGPAXXZ
?GetUrietefjJHkjfd@@YGPAXXZ

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ