Static task
static1
Behavioral task
behavioral1
Sample
d230d9ac4fdd9642527dba1da491b0c7_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
d230d9ac4fdd9642527dba1da491b0c7_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target: d230d9ac4fdd9642527dba1da491b0c7_JaffaCakes118
Size: 457KB
MD5: d230d9ac4fdd9642527dba1da491b0c7
SHA1: eec6136f4b7395a436310678b51f0f162bfe8516
SHA256: d2c88e522649eaa9200a32e24864e509f307663cd5ccce041d8420b2a1d7d114
SHA512: 039980bd2f9d6a27f1921b4b0fe7e7fd53418b4b2a98f5f352e1911526140b6a2d87e0202480721bf2c7760d7aef4e85c91fbcbd9d289de82fd56af289f72cda
SSDEEP: 12288:CwapRSVFRl6+bB+6uLhtJgiPHpMLaT3u3qxVN:NapR4zlpB+Jhr7iaTdfN
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d230d9ac4fdd9642527dba1da491b0c7_JaffaCakes118
Files
d230d9ac4fdd9642527dba1da491b0c7_JaffaCakes118.exe windows:4 windows x86 arch:x86
ceb42364ca911b42dff476f97ab12516
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ExitProcess
LCMapStringW
QueryPerformanceCounter
GlobalMemoryStatus
GetDiskFreeSpaceExW
GetLongPathNameA
Process32First
Process32Next
OpenProcess
OpenThread
SuspendThread
ResumeThread
lstrcpyA
CreateToolhelp32Snapshot
GetModuleFileNameW
CreateDirectoryW
SetFileAttributesW
msimg32
TransparentBlt
shell32
SHCoCreateInstance
user32
DestroyWindow
FindWindowW
SendMessageA
PostMessageA
EnableWindow
PeekMessageA
gdi32
CreateBitmap
CreateSolidBrush
GetFontData
SetBrushOrgEx
GetObjectW
Sections
.text Size: 302KB - Virtual size: 302KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 992B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 146KB - Virtual size: 463KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ