Static task: static1
Behavioral task: behavioral1
Sample: adbbd48d2499c8fdd0cf81f23e2d68d7_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: adbbd48d2499c8fdd0cf81f23e2d68d7_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: adbbd48d2499c8fdd0cf81f23e2d68d7_JaffaCakes118
Size: 42KB
MD5: adbbd48d2499c8fdd0cf81f23e2d68d7
SHA1: bb1d4be0569c688291d08b5acba90badb34b724b
SHA256: e51d7cf50e1ebac0551ea4913fda0f2dff048550aec395e504a1070a51c43b3e
SHA512: 228bd80c663c1d155b9144f8b9421d98c7efdf1fc49a96c533a4fcfaa274696b8cc8a0e6a9bd3c08265447f173a05303d32c69a8d05f84cfdd9cb4dce20d1d68
SSDEEP: 384:45dy8D3PzLFxmbuct6H/gj6x4D1qustTfnVE+nCuMRZScXjt2aR37FbMUiJ2D9h3:4rZxmKcIFQGDVBnWZScYqNrVhz6LKfxt
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource adbbd48d2499c8fdd0cf81f23e2d68d7_JaffaCakes118
Files
adbbd48d2499c8fdd0cf81f23e2d68d7_JaffaCakes118.exe windows:4 windows x86 arch:x86
95ef93a8c68c2608d6adcbc9d3a61c0b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
DeleteCriticalSection
GetProcAddress
LeaveCriticalSection
LoadLibraryA
OpenMutexA
OpenProcess
ResumeThread
Sleep
VirtualAlloc
VirtualFree
VirtualProtect
user32
BeginPaint
CheckRadioButton
CreateMenu
CreateWindowExA
GetWindowDC
gdi32
CombineRgn
CreateBrushIndirect
CreateCompatibleBitmap
SetBkMode
SetBrushOrgEx
SetPixel
SetStretchBltMode
SetTextColor
SetWindowOrgEx
StretchBlt
TextOutA
Sections
.text Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.idata Size: 5KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
CRT Size: 9KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 18KB - Virtual size: 24KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ