ad1cfb3859ce1c0e1355b0b77a84ed9f_JaffaCakes118 | Triage

Sharing

General

Target

ad1cfb3859ce1c0e1355b0b77a84ed9f_JaffaCakes118
Size

679KB
MD5

ad1cfb3859ce1c0e1355b0b77a84ed9f
SHA1

c1780001081a0f12e9579d288a9ce2d1ecbec6da
SHA256

efac694b4060efc93f322ea93b5c2734d383a3babd28421f979d2e7b4138ef6f
SHA512

fae476ef039520437f0c4f394f92c97c5a9d2a8a1bd2ecb5c2935c820e657e3e8b94edeb883e74c3a06c7e1ce3ea5e18a29ec83770fe3986b0c0c982ef532af6
SSDEEP

12288:GdMDRgsQVa+YDgfO7Onvt1c/ZMSYOZOLyHWmHGjYV5xIJMxfhs43H61pl7U6:uMDRgP/OmOUF6nYXUBGUVXB9hhH6rJl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad1cfb3859ce1c0e1355b0b77a84ed9f_JaffaCakes118

Files

ad1cfb3859ce1c0e1355b0b77a84ed9f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ebd902eb8c8c99875f8dae67c25e4a09

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
RtlUnwind
SetUnhandledExceptionFilter

msvcrt

malloc
memset
realloc

user32

DialogBoxParamA
DestroyWindow
DefWindowProcA
BeginPaint
EndPaint
PostQuitMessage
CreateWindowExA
ShowWindow
UpdateWindow
RegisterClassExA
GetMessageA
TranslateMessage
DispatchMessageA
EndDialog

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 640KB - Virtual size: 640KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ