d1f65a57bd2f3933789d72ba32eeefc7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d1f65a57bd2f3933789d72ba32eeefc7_JaffaCakes118
Size

71KB
MD5

d1f65a57bd2f3933789d72ba32eeefc7
SHA1

fa359c26a342905fd87daff065a9c92636e7132a
SHA256

813575b572f44a52a1a48efc8adc5582d785de9df7be654f9fcdbf674feb76c9
SHA512

d3a7fe507b93a334a6ccd01008fbad863fd08da3790109dc50063a0a81e471dd199b5357c20d8f30187c0e44b864c6b6afb925c94a7db93c1959336eef9dea81
SSDEEP

1536:/ZjJktT2f91g7wEnd5HzcVmkndEnT+jw41rES3C3XE76s:/02g7wcTDT+c4hEDJs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d1f65a57bd2f3933789d72ba32eeefc7_JaffaCakes118

Files

d1f65a57bd2f3933789d72ba32eeefc7_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ee60ca9788499b19dc3cfab230ad5002

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\zrVyje\Exeql\zNthTfup.pdb

Imports

kernel32

SetupComm
IsValidLocale
lstrcatA
lstrlenA
RaiseException
SetHandleInformation
CreateSemaphoreW
GetCommandLineA
SetEndOfFile
WaitForDebugEvent
GetStartupInfoW
GetModuleFileNameW
SetTimerQueueTimer

comctl32

ImageList_GetIcon
ImageList_ReplaceIcon
CreateToolbarEx
ImageList_AddMasked

gdi32

GetNearestPaletteIndex
DeleteDC
RectVisible
SaveDC
SetTextColor
SetMapMode
OffsetRgn
EnumFontFamiliesExW

user32

DialogBoxParamA
wsprintfA
SendDlgItemMessageA
SetActiveWindow
GetMenuState
GetActiveWindow
GetCaretBlinkTime
DestroyWindow
IntersectRect
SetRect
GetDlgItem
DestroyCaret
SetWindowPlacement

Exports

Exports

?JpksspWylehrNYieazYr@@YGFPAH@Z
?wCdsehjaEzDJUZTasQucr@@YGFF@Z
?yJkcaqYyvgbsspnhlaq@@YGKF@Z
?mapzcivsLFzkxeteisgE@@YG_NN@Z
?qyaqWbftmDpVdw@@YGPANMH@Z
?QhgvXrxUagho@@YGHJM@Z

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ