d25fc7ffeebc44abe6da18bcd8c3e22d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d25fc7ffeebc44abe6da18bcd8c3e22d_JaffaCakes118
Size

211KB
MD5

d25fc7ffeebc44abe6da18bcd8c3e22d
SHA1

53b3d6f865161590b345ecaae35f289f4d6d9a5b
SHA256

5e80c0b280143aaf0aef35727ff3416b1a04b4c286ec6ac14ac44b52879cde84
SHA512

65e18511475a05af4619d4282c42a0168f0441b3e66faa63b22e9c750862e8fddd6f33d2aca92be9a6561652792eb19a7c3ba77e4a34fca881d36e79281bd61e
SSDEEP

3072:leVFk8D252JkcqIWfRjDhtsZOL+K4AwG6sH2thOAORhJCqgrn6hjXcuEdQpF1A:8c8DgAk5I6OOKdAcWH5tS6hMFr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d25fc7ffeebc44abe6da18bcd8c3e22d_JaffaCakes118

Files

d25fc7ffeebc44abe6da18bcd8c3e22d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5b82f10400ec375c36aa25588494bc00

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringW
EnumCalendarInfoA
GetCommandLineW
GetFileAttributesA
GetFileSize
GetStdHandle
GetTempPathA
GlobalFindAtomA
HeapFree
IsBadReadPtr
LoadResource
RemoveDirectoryA
SetStdHandle
SizeofResource
TlsAlloc
TlsFree
lstrcmpA

gdi32

BitBlt
CreateDIBSection
CreateICW
ExtTextOutA
GetTextFaceW
GetTextMetricsW
GetWindowOrgEx
PatBlt
Rectangle
SelectClipRgn
SetWindowExtEx

user32

CharNextA
DrawFrameControl
DrawIconEx
DrawMenuBar
DrawTextA
EmptyClipboard
FillRect
RegisterClipboardFormatA
SetPropA
TrackPopupMenu
UnhookWindowsHookEx
wsprintfA

Sections

.text
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

to6EVWFz
Size: 2KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ