Static task: static1
Behavioral task: behavioral1
  Sample: a99b9d90890a875d651cd6ac69509dff_JaffaCakes118.exe
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: a99b9d90890a875d651cd6ac69509dff_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
General
Target: a99b9d90890a875d651cd6ac69509dff_JaffaCakes118
Size: 260KB
MD5: a99b9d90890a875d651cd6ac69509dff
SHA1: b1d755bcc963254c1f6534a60ee785f56d4bc0b9
SHA256: 3dcf20a02ef1734125f25ef26b06ec0808a296110323cab624d1b701cb1e085a
SHA512: 5fdfef2df4e32cca41826ebc1354acce908da59be509cf48b96365a4e4600fc2ac10d25cbed17a81342de3614a233788915ec4c6e4d0f1758deb4feb8b7d56f0
SSDEEP: 6144:GmS87LEnIoGmm2bEHp/LeQTWPBrDvqtRnK:ZS2LEIzmb+6JKR
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a99b9d90890a875d651cd6ac69509dff_JaffaCakes118
Files
a99b9d90890a875d651cd6ac69509dff_JaffaCakes118.exe windows:4 windows x86 arch:x86
123e06ca85d3ff4e066fc20ad088dffd
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
GetMessagePos
GetDesktopWindow
CharNextA
GetInputState
kernel32
GetUserDefaultLangID
GlobalFindAtomA
CopyFileA
GetThreadLocale
GetModuleHandleW
GetCurrentProcess
GetACP
GetCurrentThread
GetCurrentThreadId
GlobalFindAtomW
SetLastError
lstrcmpiW
DeleteFileA
lstrcmpA
GetDriveTypeA
GetVersion
VirtualAlloc
gdi32
SetBkColor
BeginPath
LineTo
SetBkMode
SetWindowExtEx
GetPixel
GetDeviceCaps
SetBrushOrgEx
EndDoc
OffsetViewportOrgEx
SetMapMode
GetPaletteEntries
SetTextColor
GetStockObject
comctl32
InitCommonControls
Sections
.text Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 176KB - Virtual size: 175KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 78KB - Virtual size: 78KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ