d42f680481cf3368b0cead6b483ac96c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d42f680481cf3368b0cead6b483ac96c_JaffaCakes118
Size

108KB
MD5

d42f680481cf3368b0cead6b483ac96c
SHA1

48e79055de4deb91f8b867ef43ca1b01c3fa6f60
SHA256

76ac152cbc32ee7cd8e19a4bbf1b236b8af5a0315693b3901265b8a1c49e0eb1
SHA512

fdd8fc5ac70ec867c44e7a289851ede123ca88853cfbb3160adf2df3a7a922744e28547e16a40bb25f29021007f616ff3ca1c8b338a70dc868075419dcc7232a
SSDEEP

1536:cyJYgfeazNDviyemwl2NuDyMrD/etrH0yq3rW1DDJ9T8pEpsn2Pwuo7KHF2gZGW6:hjD//NOyKKH0ymrKvJ9FWnswuoEH0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d42f680481cf3368b0cead6b483ac96c_JaffaCakes118

Files

d42f680481cf3368b0cead6b483ac96c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

37930b8284e5213868aeeba1e017794a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
CopyFileA
ExitThread
CreateFileA
WriteFile
CloseHandle

comctl32

DPA_DestroyCallback
DrawInsert
FreeMRUList
DrawStatusTextW
DPA_Search

Sections

.text
Size: 75KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE