be2668f2af49bf1ec79a0ef0d379aaa4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

be2668f2af49bf1ec79a0ef0d379aaa4_JaffaCakes118
Size

25KB
MD5

be2668f2af49bf1ec79a0ef0d379aaa4
SHA1

236c352c50b2131969d4c68630cbefcf7a706c0b
SHA256

e98faca00df3e75cb3d0abc98cc9141c26cc17d2f79a8c6aa705b8f9245ec668
SHA512

099cba6907f27ed5c1753be170d84d1741ccc086fa43d5dcd345d82c37ad18200380779736c680f768ae3fd78b8e833c52966580a20c1f839a04a599ecc299ff
SSDEEP

768:bj7PGLAYzHtAVJ4j651d/FbbQPJqJJlpNLNGsz+/BCXfhpa23u:7PGLZHAm6Vp9rLNGsz+/BCXfhpa23u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
be2668f2af49bf1ec79a0ef0d379aaa4_JaffaCakes118

Files

be2668f2af49bf1ec79a0ef0d379aaa4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a7264e65de59f5666874a58e842dc70d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetProcessHeap
GetModuleHandleW
FindResourceExW
LockResource
LoadResource
SizeofResource
EnumResourceNamesW
lstrlenA
lstrcatA
lstrcpyA
WriteFile
FreeLibrary
FindResourceW
LoadLibraryExW
CloseHandle
ReadFile
GetFileSize
CreateFileW
GetTickCount
HeapAlloc
HeapFree
HeapReAlloc

shlwapi

SHAutoComplete

comdlg32

GetSaveFileNameW
GetOpenFileNameW

user32

DialogBoxParamW
MessageBoxW
GetDlgItemTextW
SendMessageW
GetDlgItem
SetDlgItemTextW
SetWindowLongW
CreateDialogParamW
ShowWindow
DestroyWindow
EndDialog
LoadImageW

ole32

OleInitialize

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ