b10460f8de7e4f6ae9f9b73b53168223_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b10460f8de7e4f6ae9f9b73b53168223_JaffaCakes118
Size

50KB
MD5

b10460f8de7e4f6ae9f9b73b53168223
SHA1

2501339d69026a21f812d507005dc5df9275ca7d
SHA256

ac23d79648d11564dea835eccf5c48d5b6b67da15763fcee65f4d31aa1eaaf47
SHA512

9c13fa6d0754c2e3c68ea8377f0f8283f7c1fbcfba6c66bf424f0535cc7273b8840ae00dae9f62a00c015dddf14359a0e4c30a03541f7682a42b29829f8303df
SSDEEP

384:J4c39DEVxx35akDMYX4eL7tow5CGfwpp3WiGDCIaNn44NNq4Nq4Nn44NNq4Nq4NA:JZWVxxpa81oEKmtfwppmRD5R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b10460f8de7e4f6ae9f9b73b53168223_JaffaCakes118

Files

b10460f8de7e4f6ae9f9b73b53168223_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f3ff18442fb1310844d9207c1f28df35

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
FindResourceA
FindResourceExA
GetCommandLineA
GetModuleFileNameA
GetModuleHandleA
GetTickCount
LoadResource
LockResource
MulDiv
SetLastError
SizeofResource

user32

wsprintfA
CreateWindowExA
DefWindowProcA
DestroyWindow
DispatchMessageA
GetDC
GetMessageA
GetSystemMetrics
KillTimer
LoadBitmapA
LoadCursorA
LoadStringA
MessageBoxA
PostQuitMessage
RegisterClassExA
ReleaseDC
SetTimer
ShowWindow
TranslateMessage
UpdateWindow

gdi32

CreateCompatibleBitmap
CreateCompatibleDC
CreateFontA
DeleteDC
DeleteObject
GetDeviceCaps
GetObjectA
GetPixel
GetTextExtentPoint32A
SelectObject
SetBkMode
SetTextColor
TextOutA

ole32

CoInitialize
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
CreateStreamOnHGlobal

advapi32

RegCloseKey
RegOpenKeyA
RegSetValueExA

oleaut32

OleLoadPicture

msimg32

TransparentBlt

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ