c20abaa784a8b971555c6e0c09580d14_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c20abaa784a8b971555c6e0c09580d14_JaffaCakes118
Size

92KB
MD5

c20abaa784a8b971555c6e0c09580d14
SHA1

5c4e3c9ae7d2880e0da10504bcaa266cc8b093e3
SHA256

c902c20bb1565aa15b408b99c982ab1a85fe0e0d14b43bb2b06247d0e036afcb
SHA512

1fdc952462487e40b95cb838683ea8df7869d0ccb1feb2342ba848f8de54ec3b7b337b49709ac18d03f2c4332a1b7be58ff75662797840f5f7b9820e2be2c8fb
SSDEEP

1536:A/Dd0AfRHlZjznW5qNeeyITyCcc+XpO0XNsoFPYSY6RqIgHwTIHWN0rq2:Ah11lZnn6C5yImJc+M0dBpYSxqIgQTJK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c20abaa784a8b971555c6e0c09580d14_JaffaCakes118

Files

c20abaa784a8b971555c6e0c09580d14_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5563b9c517e000ec7ee5c821161fb722

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowLongA
EndPaint
LoadCursorA
LoadIconA
RegisterClassExA
EnableMenuItem
CheckMenuRadioItem
SetWindowTextA
BeginPaint
CreateWindowExA
ShowWindow
UpdateWindow
TranslateMessage
DispatchMessageA
GetMessageA

gdi32

GetStockObject
LineTo
CreateSolidBrush
DeleteObject
GetBkColor
CreateHatchBrush

ole32

CreateObjrefMoniker
CreateItemMoniker
ProgIDFromCLSID
OleRegEnumFormatEtc
CoInitialize
StringFromGUID2

oleaut32

SafeArrayAllocDescriptor
SafeArrayDestroyDescriptor
CreateErrorInfo

kernel32

GetFileSize
InterlockedIncrement
HeapDestroy
HeapFree
FindAtomA
LeaveCriticalSection
GetVersionExA
EnterCriticalSection
InitializeCriticalSection
GetACP
GetStartupInfoA
GetLastError
QueryPerformanceCounter
GetModuleHandleA
GetCommandLineA
HeapCreate
HeapAlloc
DeleteCriticalSection

Sections

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE