cfd037793d7c861fdf2fb3e24168e082_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cfd037793d7c861fdf2fb3e24168e082_JaffaCakes118
Size

9KB
MD5

cfd037793d7c861fdf2fb3e24168e082
SHA1

bc08a488e7137dcfaab5061c637fb192536ce1cc
SHA256

9270e133064f684aafcf7a4ee4979311e92041c820accddcce5bd4c95e7fb36e
SHA512

b9c734f778cc88bc18a0acefd85510b2dafbbe67b633d27c9bd9c6793902e1d1dd07d2752b5f83d029f1f7b2fa09715743c3dc17133891dd0e2e29e0af015f2a
SSDEEP

192:zQx/pMjANcx5mlGlywTX4aZUM+mvtgl0Wo:zDjANcx5OutIDhk4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cfd037793d7c861fdf2fb3e24168e082_JaffaCakes118

Files

cfd037793d7c861fdf2fb3e24168e082_JaffaCakes118
.exe windows:1 windows x86 arch:x86

4369008916ffaa46c725471fd10bc579

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetCurrentProcess
GetCurrentThread
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetPrivateProfileIntA
SetPriorityClass
SetThreadPriority
WritePrivateProfileStringA
lstrcatA
lstrcpyA

user32

AppendMenuA
BeginPaint
CheckMenuItem
CreatePopupMenu
CreateWindowExA
DefWindowProcA
DestroyMenu
DispatchMessageA
EnableMenuItem
EndPaint
FlashWindow
GetClientRect
GetDC
GetMenuState
GetMessageA
GetSystemMenu
GetWindowLongA
GetWindowRect
InvalidateRect
KillTimer
LoadBitmapA
LoadCursorA
LoadIconA
MessageBoxA
PostQuitMessage
RegisterClassExA
ReleaseCapture
ReleaseDC
SetCapture
SetClassLongA
SetCursor
SetMenuItemBitmaps
SetTimer
SetWindowLongA
SetWindowPos
SetWindowTextA
ShowWindow
TrackPopupMenuEx
TranslateMessage
wsprintfA

gdi32

CreateFontIndirectA
CreateSolidBrush
DeleteObject
GetObjectA
GetStockObject
GetTextExtentPoint32A
SelectObject
SetBkMode
SetTextColor
TextOutA

comdlg32

ChooseColorA
ChooseFontA

Sections

.flat
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE