b8690f7ee3b6cf7fe9825a5e20b4936e_JaffaCakes118 | Triage

Sharing

General

Target

b8690f7ee3b6cf7fe9825a5e20b4936e_JaffaCakes118
Size

84KB
MD5

b8690f7ee3b6cf7fe9825a5e20b4936e
SHA1

32a8b6744a3dee1639c122aa8c65d118d0035bc8
SHA256

e243d95c57543519180e27aee86fbe0f0bf43ab7da5b76e794fcb5b3b0e378eb
SHA512

42918a60c2336862fd0d560f5e50153385333fcf5d85418e85a248a2b76f8e505368f84d9ec87212ca0a097ebfff1038c9b132c9ea23557c059fb59ccf3d2374
SSDEEP

1536:IHUwJ8CqX7iJDFDkFH5bm7UWI3SioeI1N+bTe642sS:GPqX7Op05bUhILIz+e64M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8690f7ee3b6cf7fe9825a5e20b4936e_JaffaCakes118

Files

b8690f7ee3b6cf7fe9825a5e20b4936e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

43353f4a0bc4a4445d57e63d7c0e3205

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetOpenFileNameA
GetSaveFileNameA
GetSaveFileNameW
WantArrows
ChooseColorA

user32

GetSystemMetrics
SetWindowPlacement
EnableWindow

kernel32

GetStartupInfoA
GetOEMCP
lstrcpyA
ResetEvent
OutputDebugStringA
LocalShrink
HeapCreate
HeapAlloc
GlobalUnWire
ClearCommBreak
CloseHandle
CompareFileTime
CreateFileW
DebugBreak
DeleteFileW
EnumLanguageGroupLocalesW
ExitProcess
FindFirstVolumeMountPointA
GetACP
GetCommandLineA
GetCurrencyFormatA
GetDefaultCommConfigW
GetModuleHandleA
GetVersionExA

ole32

CLSIDFromString
CoBuildVersion
CoCreateGuid
CoCreateInstance
CoFileTimeNow
CoGetMalloc
CoTaskMemAlloc
CoTaskMemFree
CreateAntiMoniker
StringFromGUID2

dbghelp

StackWalk

comctl32

FlatSB_GetScrollRange

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ