Static task
static1
Behavioral task
behavioral1
Sample
b54ac76f419914b7cf5f191aa9309afe_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
b54ac76f419914b7cf5f191aa9309afe_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
b54ac76f419914b7cf5f191aa9309afe_JaffaCakes118
Size
158KB
MD5
b54ac76f419914b7cf5f191aa9309afe
SHA1
ea7722f0720d2a4c9d214079e6583a440564b6d9
SHA256
18001f8f5a763dfe6c47fa14455a8602e43aa32b11885b6aae3ff87df78cb708
SHA512
71b20e61b9a5a81a02389e0563b7b1334014024644f58972353c9d9b2b3627c8e2be41ee74a314eae0e2b06b71f0cf2c73f011ad2d1b6f9705b6ede5672bb2af
SSDEEP
3072:Rum4GwWVXe1chlKcrvNfFNXNhfn7q7L69U:b4cVuQKc59N9L9U
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b54ac76f419914b7cf5f191aa9309afe_JaffaCakes118
Files
b54ac76f419914b7cf5f191aa9309afe_JaffaCakes118.exe windows:4 windows x86 arch:x86
2801366cdf2798d33b474d253f59db37
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED
Imports
user32
GetAncestor
CharUpperW
PostThreadMessageW
SetTimer
CharNextW
GetDC
wsprintfW
GetMessageW
KillTimer
DispatchMessageW
TranslateMessage
UnregisterClassA
winspool.drv
DocumentPropertiesW
kernel32
lstrcmpiW
lstrcpynW
GetTickCount
GlobalFree
MultiByteToWideChar
LockResource
CheckRemoteDebuggerPresent
lstrlenW
EnumResourceTypesW
DeleteCriticalSection
OutputDebugStringW
FindClose
lstrcpyA
WideCharToMultiByte
GetLastError
InitializeCriticalSection
GetACP
GlobalAlloc
GetCPInfo
lstrcpyW
GetModuleHandleW
Sections
.text Size: 104KB - Virtual size: 104KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 980B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 50KB - Virtual size: 50KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.isete Size: 1024B - Virtual size: 96KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ