abc04d777ddc5e2ca83789b6ace41ed3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

abc04d777ddc5e2ca83789b6ace41ed3_JaffaCakes118
Size

178KB
MD5

abc04d777ddc5e2ca83789b6ace41ed3
SHA1

da9039993b9749232af48be7fb62fd97cb45ad07
SHA256

b00486640fabd9f973309f9f216819a5d93001935f8d10ec5448977d378d0a87
SHA512

3468cd942ece8222fff387cab1f08f3881bc98b0f716656f60e65ec974fde305bc476f91e77d05b289548b647631abd9d7c7f72b60731fbcaaa2c43d839996f4
SSDEEP

3072:Qi7q4T2v0suIbPlx0/wyPtuC/APbSRFfzW1k6+Qm3TZd/6euGC:Qi7r2rtxIwi//IaFfzQN+DP/6bt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
abc04d777ddc5e2ca83789b6ace41ed3_JaffaCakes118

Files

abc04d777ddc5e2ca83789b6ace41ed3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

72d7cd005c01cbbdbb8779cb10293027

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

B:\dslzOowq\Lmjg\toponukr.pdb

Imports

gdi32

FillRgn
GetViewportOrgEx
RemoveFontResourceW
SetDIBits
SetDIBColorTable
CreateDIBSection

user32

CheckDlgButton
UnloadKeyboardLayout
GetWindowLongW
LoadImageW
OpenIcon
ShowScrollBar
GetMenuItemID
MoveWindow
GetPropW
InvalidateRect
IsWindowVisible

kernel32

HeapValidate
TlsSetValue
OpenSemaphoreW
GetTimeZoneInformation
lstrcmpiW
IsBadCodePtr
CreateWaitableTimerW
CompareStringW
MoveFileExW
GetAtomNameW
LoadLibraryW
GetProcAddress

Exports

Exports

?JffivbGfcuiznKQbgqUvmc@@YGEDJ@Z

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.temp
Size: 138KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ