d36deb9b30b37e8afcd47fd89f72ea72_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d36deb9b30b37e8afcd47fd89f72ea72_JaffaCakes118
Size

203KB
MD5

d36deb9b30b37e8afcd47fd89f72ea72
SHA1

afb9ea2d8a0e240c7ed02d7dae87fb985206749a
SHA256

d71acfbd1855a47fef1c2b65a56ea4f41004d6442cc6092a980b771f412dbd22
SHA512

a7fdf82f7384bfb77f2a47734ec3c038f404640bfde613630525c7ca2bd1f10f91784e58ff457c19aa72d1270e803fc2aa83ecf7e603a922b339342a75b23d18
SSDEEP

6144:SUddvHRnbeul/SZ9Ws1PPQU69c2oYV8cYo:PdxRnbeulKZUEwU6y/k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d36deb9b30b37e8afcd47fd89f72ea72_JaffaCakes118

Files

d36deb9b30b37e8afcd47fd89f72ea72_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4becf3ff83b4ce2826672083ff8cc3a9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumDateFormatsA
GetUserDefaultLangID
GetProcessHeap
CloseHandle
GetProfileIntA
FindAtomA
GlobalFlags
GlobalFree
LocalHandle
CreateMailslotA
ExitProcess
CreateJobSet
GetProfileStringA
GetStdHandle
GlobalLock
EnterCriticalSection
GetOEMCP
VirtualAlloc
GetModuleHandleA
GetVolumePathNameA
GetTapeStatus

user32

GetWindowTextLengthA
IsIconic
ShowWindow
ReleaseDC
RegisterClassA
DrawEdge
GetFocus
CloseWindow
GetWindow
GetActiveWindow
GetWindowTextA
GetDC
GetParent
GetForegroundWindow
GetClassInfoExA
EndPaint
GetClassNameA
BeginPaint
ValidateRect

gdi32

GetColorSpace
CreateDCA
GetCharWidthA
CreateDIBitmap
ExtCreatePen

sxs

SxsLookupClrGuid

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ