b493d884ef3788c124122e2221c38459_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b493d884ef3788c124122e2221c38459_JaffaCakes118
Size

393KB
MD5

b493d884ef3788c124122e2221c38459
SHA1

3f42b43f5df2cb0321d0eb233c18f69421af3803
SHA256

c1f34420cf4838cdf7251bec88952c3ab4ba9463a730bca0484738de898f6483
SHA512

f478d20989787f425471e9b2ed671f2b172dd2ed2ab5f8a50a187708a63e5687d0f5f063e34d67c47a35e1b0ffd2dc9c8c8444f7eb9dc36c037c7240e2b4c3eb
SSDEEP

12288:27GQnhxUUSbuGFehOsuC8XmklbEbBU5Cqq:27fnhxnSbuaPCqmklx5Cqq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b493d884ef3788c124122e2221c38459_JaffaCakes118

Files

b493d884ef3788c124122e2221c38459_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8fc8a9513bd8fe309c9c5b98e76e4fc4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleCP
FindAtomA
GetLastError
FreeEnvironmentStringsA
CreateFileA
Sleep
GetModuleHandleA
GetACP
LocalFree
ExitProcess
LocalLock
FindClose
WaitNamedPipeA
GlobalUnlock
CloseHandle
HeapCreate
GetConsoleAliasW
CreateFileMappingA
LoadLibraryExA
TlsGetValue

user32

DefWindowProcW
GetIconInfo
CallWindowProcA
CheckRadioButton
GetDC
GetDlgItem
DrawTextA
DispatchMessageA
IsWindow
FillRect
SetFocus
DrawEdge
CopyRect
MessageBoxA

clbcatq

GetComputerObject
SetSetupSave
GetCatalogObject
InprocServer32FromString
SetSetupOpen

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ