Static task
static1
Behavioral task
behavioral1
Sample
a712ebb89866349aa23da365d9d8e486_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
a712ebb89866349aa23da365d9d8e486_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
a712ebb89866349aa23da365d9d8e486_JaffaCakes118
Size
260KB
MD5
a712ebb89866349aa23da365d9d8e486
SHA1
b11914ee7bebde9168a21917e65c2b056cd920fa
SHA256
a43ab1a498940ddb989e6959c4f4e9338ea72a52fc6f21d9506b6ff9fc98c9bb
SHA512
698a64da904029bd786835cd5b97a4017cd6206d5adc1db290d64927bd8fd34ba738491d2b159a865546ce695085834dc5385d34a4b7e07a40dc2baf2e61459c
SSDEEP
3072:8sj03QwJBTZbt7sjdb16ilCcq1Bdc2t+H1A1KfObAnlFiXZCi0XORjDFbeNS:8sEBzIjddlJ2QH1lObAnd3XQY
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource a712ebb89866349aa23da365d9d8e486_JaffaCakes118
Files
a712ebb89866349aa23da365d9d8e486_JaffaCakes118.exe windows:4 windows x86 arch:x86
1f9afbbd39c308742a3b2f2fa7146fea
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
comctl32
InitCommonControls
kernel32
lstrcmpiW
GetLastError
GetOEMCP
GetUserDefaultLangID
VirtualAlloc
GetACP
RemoveDirectoryA
DeleteFileA
GetCurrentThread
SetLastError
lstrcmpA
GetCommandLineA
GlobalFindAtomW
GetDriveTypeA
CopyFileA
IsDebuggerPresent
GlobalFindAtomA
gdi32
LineTo
GetPaletteEntries
SetMapMode
ExcludeClipRect
EndPath
SetTextColor
SetWindowExtEx
SetViewportOrgEx
GetPixel
SetBkColor
OffsetViewportOrgEx
SetBrushOrgEx
RestoreDC
GetTextMetricsA
GetStockObject
SelectPalette
SetBkMode
GetDCOrgEx
user32
GetDesktopWindow
CharNextA
GetMessagePos
GetInputState
Sections
.text Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 175KB - Virtual size: 174KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 79KB - Virtual size: 79KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ