af1f0e0539d42e98e60b9dcfa82d257e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

af1f0e0539d42e98e60b9dcfa82d257e_JaffaCakes118
Size

42KB
MD5

af1f0e0539d42e98e60b9dcfa82d257e
SHA1

cf25a52dda5bc86a533d2a087c41d749a5ddfa8e
SHA256

5d262c4c50a59f06d623671c0dbd54d63fa4a9d98af2d4ca1caa573348f1f2f4
SHA512

6967c28322c892bc5f5fff94c33b158301df8d60b574bbfb1fc71ac30457bf1e13fb5b383e9ac197a8b0954c88b5daff6df7c861b937c9e87011b16760b59897
SSDEEP

768:kIGyIsWQEwCNfZIlrJuM/AmTmrhx35evUL/nVYHDZ:QZTNZIlcM/AAEm8raZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
af1f0e0539d42e98e60b9dcfa82d257e_JaffaCakes118

Files

af1f0e0539d42e98e60b9dcfa82d257e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

525ebf51ad968ac1767f7d2de66d4422

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetClassNameA
FindWindowExA
CharUpperBuffA
GetWindowLongA
GetDC
GetForegroundWindow
GetClientRect
SendMessageA
MessageBoxA

kernel32

lstrlenA
CreateThread
CreateFileA
GetVersionExA
lstrcpyA
ReadFile
VirtualAlloc
GetFileTime
GetLastError
GetModuleHandleA
GetTickCount
DeleteFileA
lstrcmpiA
GetLocaleInfoA
TerminateThread
VirtualFree
SetEndOfFile
SetFilePointer
CloseHandle
WideCharToMultiByte
GetProcAddress
WriteFile
ExitProcess
LoadLibraryA
lstrcatA
GetFileSize
lstrlenW
lstrcmpA
Sleep

gdi32

GetPixel
CreateCompatibleDC
SelectObject
DeleteDC
BitBlt
CreateDCA
DeleteObject
CreateDIBSection
GetDIBits
SetPixel

Sections

.text
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_INIT_
Size: 512B - Virtual size: 6B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE