d269953dbf9b1b088f79deb7ee58bda4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d269953dbf9b1b088f79deb7ee58bda4_JaffaCakes118
Size

744KB
MD5

d269953dbf9b1b088f79deb7ee58bda4
SHA1

0155d667bb93b5a8e8307e321870e6f32fb48ec3
SHA256

fa15fb5491167353f9e759bdd86c42d2d009aded5b7969ed10a397be0b501b8e
SHA512

8ccddc317e5c3bfc32f8e192af92360ed9d2f0cc7d11bc2efcfce1c4bf4e691412e8f55f3448f61a94b85aaa0d175fdfeb40d9400cfa82ac8384b10b13bb1293
SSDEEP

12288:s1GH7OE0u8plb80WwVTnvmUZy5YxT/OLU/Ns5rUked97Lnk3Ov9:LOEEk0WwFvmUBxTrNWrPed9fUM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d269953dbf9b1b088f79deb7ee58bda4_JaffaCakes118

Files

d269953dbf9b1b088f79deb7ee58bda4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

32eb5a6bf0e1a2dcaac76d28131894ed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReleaseMutex
UnmapViewOfFile
VirtualProtect
FindVolumeClose
GlobalFree
GetLogicalDrives
CompareFileTime
InterlockedExchange
GetTickCount
OpenSemaphoreA
GetLastError
ExitProcess
GlobalFlags
GetMailslotInfo
CreateMutexA
LoadLibraryW
SetEvent
CloseHandle
GetModuleHandleA
GetOEMCP
GetSystemTime

user32

DestroyMenu
DialogBoxParamA
InsertMenuA
LoadIconA
EqualRect
TranslateMessage
MessageBoxA
DrawFrame
PostQuitMessage
ModifyMenuA
ScrollDC
GetKeyboardLayout
SetWindowPos
GetWindowLongA
GetMenu
GetTitleBarInfo
InflateRect
GetSubMenu
PrintWindow
DispatchMessageA
GetParent
UpdateWindow
EnableScrollBar
GetScrollRange
PostMessageA
ShowWindow
GetDlgItem
SetPropA
GetMenuStringA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ