cfa28c9f3c26306e8cbec119652b67b9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cfa28c9f3c26306e8cbec119652b67b9_JaffaCakes118
Size

43KB
MD5

cfa28c9f3c26306e8cbec119652b67b9
SHA1

c3dd16d535e2bed10cca952d52709f6a6c9029b2
SHA256

9437e158d50b24df5020e343ce192c0fb800cca87a796c1dc4465134f337e5c2
SHA512

e4f1fec7d9104d8b784b2a58f7643abe26e9153c404099c15ec338a02434521195d1bbdd2aacaa047af9ad087fa9a87a39eaeb40dfb520f9ca3d1e25bc11de82
SSDEEP

768:+9eva89BifOoGPi7qA++2vL2GMwTIIFWLHO66YeILUE9R7fZZhjnzWy665HX/V:fvZBiIP3LvyG/TPFt66YTLUWfHhjnL1t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cfa28c9f3c26306e8cbec119652b67b9_JaffaCakes118

Files

cfa28c9f3c26306e8cbec119652b67b9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

92069380fdd15a8c98aead8048ca6d62

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

BuildCommDCBW
CancelDeviceWakeupRequest
CreateEventW
DisableThreadLibraryCalls
EnumResourceNamesA
ExitProcess
GetCompressedFileSizeA
GetFileAttributesExA
GetLocaleInfoA
GetProcessWorkingSetSize
GlobalWire
IsDebuggerPresent
OpenSemaphoreW
ReadConsoleOutputA
SearchPathA
SetEnvironmentVariableA
SetPriorityClass
SwitchToFiber
WriteProfileStringA
WriteProfileStringW

user32

AppendMenuW
CallMsgFilterA
CreateMenu
DrawStateW
EnumDisplaySettingsA
FindWindowW
GetPropA
HiliteMenuItem
MsgWaitForMultipleObjectsEx
OemToCharW
PeekMessageA
SendMessageCallbackW
SetSysColorsTemp
TileChildWindows
UnhookWindowsHookEx
UnpackDDElParam
ValidateRgn
WaitMessage
wsprintfW

gdi32

CopyMetaFileW
CreateRectRgn
CreateScalableFontResourceA
GdiGetBatchLimit
GetDeviceGammaRamp
GetGraphicsMode
GetICMProfileW
GetMetaFileBitsEx
GetObjectType
GetTextAlign
PlgBlt
PolylineTo
RestoreDC
SelectClipRgn
SetFontEnumeration
SetPixelFormat
SetTextAlign

Sections

.text
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE