adeae3d1b0207ff0654e159eb2010d10_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

adeae3d1b0207ff0654e159eb2010d10_JaffaCakes118
Size

278KB
MD5

adeae3d1b0207ff0654e159eb2010d10
SHA1

da7bb81e23e9f6f55d5080e674dc6847d8e37d2b
SHA256

38e5c362886083d5d0428256ed5efc9f6b1d009c6d0b0c2b4db4b3e29ad5ffeb
SHA512

024ef5c050ff7a54f015a0f056236a6ffd6515517a3c99469a52f59073bf08e62979f219a51ad96ed00460557f9fe46277453fa6c004e121ca299785f6641f75
SSDEEP

6144:ezPrNP0/vK6jnz+sfb7EvXzOFXucTWLQXP9IgV/:QPrNP0/d9T7E/6IcTwG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
adeae3d1b0207ff0654e159eb2010d10_JaffaCakes118

Files

adeae3d1b0207ff0654e159eb2010d10_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1240422053214a33e11fefde9a9cfb6b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\yUHmnAog\qAbnvWbwjGHzj\fzjdcXzzbzRE\ucldpgsaIbvptj.pdb

Imports

gdi32

StartPage
SetRectRgn
CreateBrushIndirect
SaveDC
SetBkMode

shlwapi

StrRChrA

user32

SetSysColors
GetDoubleClickTime
SetCursorPos
SetFocus
GetMessagePos
wsprintfA
BeginDeferWindowPos

kernel32

GetModuleFileNameA
FreeLibrary
SetCommTimeouts
HeapSize
HeapWalk
MoveFileW
SetErrorMode
LoadLibraryW
GetModuleHandleA

msvcrt

_controlfp
__set_app_type
atol
gets
__p__fmode
__p__commode
_amsg_exit
fread
_initterm
_ismbblead
_XcptFilter
_exit
_cexit
__setusermatherr
__getmainargs

Exports

Exports

?CreateDlgMessage@@YGHPAXPADK|U

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 253KB - Virtual size: 712KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE