cee1ddb79919ca2a1943eefebfc23616_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cee1ddb79919ca2a1943eefebfc23616_JaffaCakes118
Size

131KB
MD5

cee1ddb79919ca2a1943eefebfc23616
SHA1

6c927d7ede74ddd9d0e5b7757fb24c57e554063b
SHA256

4a72f4048c04adebe06010d09141760707dd5b5f4e0e2a73b717869fbec4c9b9
SHA512

b28262576167aa0195a32b27f223801d70b4d3c0f7b9a1a5883c4cf84e279cb1005c3e3b318450879d179ae081903b4f7d2c0e64988853c8ca0809f9354b33c1
SSDEEP

3072:oNLjddNXwiTFaETQ2oSCHA5DzDHXCiVKZ2SLxnXAjW:+LpLFQ2xSCe5Qy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cee1ddb79919ca2a1943eefebfc23616_JaffaCakes118

Files

cee1ddb79919ca2a1943eefebfc23616_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0b8a5d8abedbcfb4a187e1ea43ffb23e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetFileAttributesW
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetVersion
GlobalUnlock
HeapAlloc
HeapReAlloc
IsDebuggerPresent
LCMapStringW
LoadLibraryA
LocalFree
SetUnhandledExceptionFilter
SizeofResource
VirtualAlloc
VirtualFree

user32

BeginPaint
DestroyMenu
DestroyWindow
DrawTextA
IsIconic
SystemParametersInfoA
UnregisterClassA

gdi32

CreateFontIndirectA
CreateSolidBrush
ExtTextOutA
GetCurrentPositionEx
GetDIBColorTable
GetDeviceCaps
GetEnhMetaFileHeader
GetSystemPaletteEntries
GetTextExtentPoint32A
LineTo
RealizePalette
SaveDC

shell32

DragQueryFileW
SHAppBarMessage
SHBrowseForFolderA
SHBrowseForFolderW
SHCreateDirectoryExA
SHGetDiskFreeSpaceExW
SHGetMalloc
SHGetSettings
ShellExecuteEx
Shell_NotifyIconA

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ