d296ce0b673e97d1bfc27a73d8c00e51_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d296ce0b673e97d1bfc27a73d8c00e51_JaffaCakes118
Size

408KB
MD5

d296ce0b673e97d1bfc27a73d8c00e51
SHA1

03c67c6ed0b081609085607323bf6c3a50ee8d32
SHA256

8edcfeb5e2d65cdfea3199d7f4537db8e3b384070a6157f52b8ebf3c26f86c01
SHA512

6ee0dce9b691d05ce28b23fa179e9b7b9fc5855fecc0e1c7b939a25922109664e86d4d5f5ccd059de96c69a797696f08b295a1c002458125a49efdce3abf35f4
SSDEEP

6144:YMjtCfZiqWwdwJM4IofS3Tab04A4LSGD8EV+8pOlB3ETmh6T8y81+Cxo8siA5U80:BCfZWH1G3TBHGDbANp90Xz3YJVr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d296ce0b673e97d1bfc27a73d8c00e51_JaffaCakes118

Files

d296ce0b673e97d1bfc27a73d8c00e51_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ba738c28c3082f2c540fe5ce74aa83d7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
DebugBreak
UpdateResourceA
LocalReAlloc
WaitForSingleObjectEx
EnumResourceNamesW
FindNextFileA
IsDBCSLeadByteEx
GetFileAttributesExA
GetCompressedFileSizeW
GetCommState

user32

GetWindowInfo
GetMessageTime
CreateDialogIndirectParamA
DestroyCaret
CreateIconIndirect
GetMenuItemCount
LoadMenuIndirectW
ToUnicode
SendInput
SetRect
GetTitleBarInfo
GetWindow
SetWindowsHookExW
GetInputState

Sections

.text
Size: 32KB - Virtual size: 342KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 758B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 362KB - Virtual size: 361KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ