ad287bfb6c2ebe87c0d138ea71b12862_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ad287bfb6c2ebe87c0d138ea71b12862_JaffaCakes118
Size

131KB
MD5

ad287bfb6c2ebe87c0d138ea71b12862
SHA1

19034ba6b18a55f7b9c092e9c9299ba0371a5b37
SHA256

c8c44207c1adcbc7ff13249e308b36cc98dc293f4d41a8e3091d5dd2db9eb31a
SHA512

0c3366eb9a89f0ae1a4827f80e942d7f2772b3061b94cab076fbab8ae1dd9bdb2506a9d4ca00caf1153ae5c4e0409f1a032aaafddb72edc2061a398088de53aa
SSDEEP

3072:n/l2Hw9/b0f/7ks7xJS4zhYTkqpEBmYu6oMJ:n92HwRQf/z7rSEOkkYNX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad287bfb6c2ebe87c0d138ea71b12862_JaffaCakes118

Files

ad287bfb6c2ebe87c0d138ea71b12862_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f83760dc2c2f779bc354d95bc568c40e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetDiskFreeSpaceA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetStringTypeA
GetTempFileNameA
IsDebuggerPresent
LeaveCriticalSection
LoadLibraryA
LocalAlloc
MapViewOfFile
VirtualAlloc
VirtualFree

user32

DefWindowProcA
DestroyWindow
GetFocus
GetWindowTextA
IsWindowEnabled
RegisterClassA
ScreenToClient
SetWindowPos
UpdateWindow

gdi32

CreateSolidBrush
DeleteObject
GetCurrentPositionEx
GetDIBColorTable
RestoreDC
SetWinMetaFileBits
SetWindowExtEx
SetWindowOrgEx
StretchBlt

shell32

DragAcceptFiles
DragQueryPoint
ExtractIconA
ExtractIconExA
SHGetMalloc
ShellExecuteW

Sections

.text
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ