d3634fa3f3de35c235bcadb6659aaa22_JaffaCakes118 | Triage

Sharing

General

Target

d3634fa3f3de35c235bcadb6659aaa22_JaffaCakes118
Size

174KB
MD5

d3634fa3f3de35c235bcadb6659aaa22
SHA1

6afd395d3520ef7d9b962441444d1c03a898c132
SHA256

bfe2fab963e3f1008eb79cbc7a3f6d776478d7fcb83f390829a2598d086e1fa1
SHA512

1c04bfff2b39475782a159bcf31b42db94d79401966eac2a1b71024f0206b6b85f7d7615e8aae7aba3c444df077932623df3fa2aec269e08dc10bafc7346dab0
SSDEEP

3072:pMvuy8gj8uI0nHuaz5dxHGyHNqpL9JAwTcwctI/ryF5bWZpGZ2Yax/L:g0pu/jd1BHIfrTAtI2F56PHR/L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d3634fa3f3de35c235bcadb6659aaa22_JaffaCakes118

Files

d3634fa3f3de35c235bcadb6659aaa22_JaffaCakes118
.exe windows:5 windows x86 arch:x86

60ba5506f598f3689f198a4a80110813

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

U:\LnDyjertkfq\wqXmVEFgspg\yRspeXyxNhepo\ixkxpcVC\kudrxodTf.pdb

Imports

user32

RegisterClassA
SendMessageTimeoutW
GetUserObjectInformationW
CreateDialogParamW
GetDlgCtrlID
ShowWindow
wsprintfW
GetDC

kernel32

GetModuleFileNameA
LoadLibraryA
SetThreadAffinityMask
GetThreadTimes
lstrlenA
lstrcmpiW
GetCompressedFileSizeW
GetModuleFileNameW
LoadLibraryExW
GetCommConfig
SetHandleCount

gdi32

Rectangle
CombineRgn
EndDoc
GetRgnBox
GetViewportOrgEx
PolyBezier

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_amsg_exit
_initterm
_ismbblead
atoi
_XcptFilter
_exit
_cexit
memset
__setusermatherr
__getmainargs
setlocale

shlwapi

UrlGetLocationW
ChrCmpIW

Exports

Exports

?CreateDlgMessage@@YGHPAXPADK|U

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idir
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 142KB - Virtual size: 331KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE