cf520752e8c61ff2f1a37167e25f6303_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cf520752e8c61ff2f1a37167e25f6303_JaffaCakes118
Size

56KB
MD5

cf520752e8c61ff2f1a37167e25f6303
SHA1

b25f71f8a31896d522899862d75a9318702de6ff
SHA256

48e7be32b0a66f14a9b845ecfd62b8bf346da9c3f84a4fb5ba39532f963a2037
SHA512

8c2926383f9bfa23ae86fa4a111df7d48d946c4749c85a3ec182fead587a168d29aa81a96e2c644a33e51a008e277d1f1ca32ebe8c6ea17ffc31cd3236b4f3b0
SSDEEP

1536:KZ6S3IYdKA+R68x6JuNWx2z/r2qJOXmRgwq2tnC:KES35T0f6SWkaqJ2mR99

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf520752e8c61ff2f1a37167e25f6303_JaffaCakes118

Files

cf520752e8c61ff2f1a37167e25f6303_JaffaCakes118
.exe windows:3 windows x86 arch:x86

6994a1153cc5a4b94c82a85e7d2456a1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventA
CreateFileA
DisableThreadLibraryCalls
EnterCriticalSection
FreeLibrary
GetCommandLineA
GetCurrentProcessId
GetLastError
GetModuleHandleA
HeapFree
InterlockedCompareExchange
InterlockedDecrement
InterlockedIncrement
LocalAlloc
MultiByteToWideChar
QueryPerformanceCounter
lstrlenA

user32

DialogBoxParamA
EndDialog
EndPaint
GetCapture
GetClientRect
GetDesktopWindow
GetKeyboardType
GetWindowLongA
GetWindowRect
IsChild
IsIconic
LoadCursorA
LoadStringA
PostQuitMessage
SetDlgItemTextA
SetFocus
ShowWindow
TranslateMessage
wsprintfA

Sections

CODE
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BSS
Size: - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 1014B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ