b66cd4f53bb9b302d038943c9445422b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b66cd4f53bb9b302d038943c9445422b_JaffaCakes118
Size

167KB
MD5

b66cd4f53bb9b302d038943c9445422b
SHA1

36f8c57f80c55da7d3bec7af71146fcb0e7be0d8
SHA256

39d97d4f87b4e2d560c0dde710c65e69000a06284f7cb864b2ddc57503fd949c
SHA512

3e834da6ee902a17bc3b60111ae98133520776549cb8e806c459dbdb94be6c4c07e5261039dd35be2c82ae8be9d80e997aed53a4670d4e02f022560f4ca71a20
SSDEEP

3072:n/A1A1RvF1ffGkxNlXJC0BlR8RqdZoLOTHW2BLExQ7Kq27cvXMop0RwA:n8cRPmkNU0BlR8Rq3s0BBEQ+q27+8oeF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b66cd4f53bb9b302d038943c9445422b_JaffaCakes118

Files

b66cd4f53bb9b302d038943c9445422b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4edca2237706641ec48133cdeda5519b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
GetOEMCP
GetFileType
lstrcpynA
LCMapStringA
LCMapStringW
lstrcpynW
GetCPInfo
GetCurrentProcess
WriteFile
CreateFileA
GetStartupInfoA
GetStringTypeW
TerminateProcess
GetStdHandle
MultiByteToWideChar
lstrcatA
GetACP
GetStringTypeA
SetFilePointer
lstrcpyA
SetHandleCount
GetVersion
GetCommandLineA

user32

CopyRect
DrawTextA
DrawTextW
LoadCursorA
LoadMenuA
DrawIcon
GetMenu
GetWindowTextLengthA
CopyImage
CopyIcon
GetDC
InsertMenuA
IsWindow
GetDlgItem
GetCursor
GetWindowTextA
IsMenu
CloseWindow
EndDialog
DrawIconEx
CreateIcon
DialogBoxParamW

comctl32

DrawStatusTextW
ImageList_Add
ImageList_LoadImageA
DrawStatusText
DllGetVersion
CreateStatusWindow
CreateUpDownControl
ImageList_Destroy
ImageList_EndDrag
ImageList_DragEnter
ImageList_Draw
ImageList_GetIconSize

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 17.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ