b9fe24b951a03d762cc953c78660f584_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b9fe24b951a03d762cc953c78660f584_JaffaCakes118
Size

164KB
MD5

b9fe24b951a03d762cc953c78660f584
SHA1

b71812d26bee9d2e09a4a935564255bf7610b4e3
SHA256

e519c2a2eb23e14dff9f2f77748338892422c6fa82e0eea57183706bdfa42e48
SHA512

58b8535db935c54fef9d8b1be26820d959add361ca9d494ea1f8cc31c307958b83572a683ab8aee9632f7071edf3b7a94be3967815a94919e7b61c96193340f1
SSDEEP

1536:edwyahjloxMswKoukGrlQHkv6k8LAuskqV6HJS0:edwyahjyMswKoAJQESk8skI6HJx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b9fe24b951a03d762cc953c78660f584_JaffaCakes118

Files

b9fe24b951a03d762cc953c78660f584_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ce71c8e64540ba8d72c27abb082e3185

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetClassNameA
GetMessageA
CharLowerBuffA
FindWindowExA
CharUpperBuffA
GetWindowLongA
GetDC
GetForegroundWindow
GetClientRect
SendMessageA
MessageBoxA

kernel32

lstrcmpA
lstrlenW
LoadLibraryA
GetModuleHandleA
CreateThread
GetCommandLineA
CreateFileA
VirtualProtect
GetVolumeInformationA
ReadFile
VirtualAlloc
GetFileTime
GetLastError
Sleep
GetTickCount
DeleteFileA
lstrcmpiA
ExitProcess
VirtualFree
SetEndOfFile
CreateProcessA
SetFilePointer
CloseHandle
WideCharToMultiByte
GetProcAddress
WriteFile
TerminateThread

gdi32

CreateCompatibleDC
SelectObject
DeleteDC
BitBlt
DeleteObject
CreateDIBSection
GetDIBits

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_INIT_
Size: 6B - Virtual size: 6B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE