aa5b820601c3d72d478c0086c164e02b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aa5b820601c3d72d478c0086c164e02b_JaffaCakes118
Size

365KB
MD5

aa5b820601c3d72d478c0086c164e02b
SHA1

67fdb9227e00c0a6ef5d036c1356021d3532cb9c
SHA256

62fe0e14508055c570b556d9045c461fd42cb5c83773dc5ba058a49c4dd2f762
SHA512

325f5740919fe28f9ac539b127e542442d79e7e62f1485ecb36a35376a7e88eac04042ced76a694d36b29e6b776b56a0fa55263c2d6fac3639655468645a7cd1
SSDEEP

6144:2Z+bIZrZL+TnqRTMdDVJJ8pnXunpWH3rF2dWVOfis9yMdnWFJ0htBuNhRI:m+IZQrqRAdD+pXunQ7F2djdIJ0ht6k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa5b820601c3d72d478c0086c164e02b_JaffaCakes118

Files

aa5b820601c3d72d478c0086c164e02b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6838882f81f7f14cfbd3d4289097e497

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
CloseHandle
CreateFileA
lstrlen
PulseEvent
GetEnvironmentVariableA
TlsGetValue
CreateMutexA
IsBadStringPtrW
HeapCreate
GetModuleHandleA
GetACP
ReleaseMutex
TerminateThread
Sleep
FindResourceA
FindClose
LoadLibraryW
LocalFree
GlobalUnlock

user32

SetFocus
GetDlgItem
GetIconInfo
CallWindowProcA
DrawEdge
CheckRadioButton
GetDC
CopyRect
DrawMenuBar
FillRect
IsWindow
DefWindowProcW
DispatchMessageA

msasn1

ASN1BEREncEoid
ASN1BERDecNull
ASN1BERDecCheck
ASN1BEREncBool
ASN1BERDecBool

dpnet

DirectPlay8Create

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 356KB - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ