d44ad62d130d3ef237ce874efc9987bc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d44ad62d130d3ef237ce874efc9987bc_JaffaCakes118
Size

97KB
MD5

d44ad62d130d3ef237ce874efc9987bc
SHA1

8258591c2b24d1f8d2a91192d4b3d9e13eb2e91d
SHA256

1e79d459ed8de0af1eb36138007905e4133533d560c4193cc00cf173c37a26ff
SHA512

b2d410f0571a1e24fc185940027a76eadf6c563c60623f72156b7f2e8f3899d7cd570cff6e8d39d1d8d180c2980f379779fc4f1853e1332c6022a275e1741f28
SSDEEP

1536:VwSJkfdArtuCQpjeGFS60e/ioFHqBHaBe+Fh5B0a5IoKr:VXJkMtyAJ60e/VFHuao8XqkIoQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d44ad62d130d3ef237ce874efc9987bc_JaffaCakes118

Files

d44ad62d130d3ef237ce874efc9987bc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

83630417325691a88fac2728fbcef213

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
SetEvent
CompareStringA
GetThreadLocale
GetOEMCP
CreateThread
ReleaseMutex
GetUserDefaultLangID
GetPriorityClass
TlsFree
GlobalFindAtomA
GetVolumeInformationA
VirtualAlloc
TlsGetValue
CreateMutexA
CreatePipe
GetProcessHeap
IsDBCSLeadByte
GetConsoleCP
GetModuleHandleA
GetExitCodeThread

user32

GetClassNameA
DrawTextExA
GetWindow
ShowWindow
GetWindowTextA
GetClassInfoExA
GetSystemMetrics
ValidateRect
RegisterClassA
GetActiveWindow
CloseWindow
GetDC
IsWindowVisible
GetWindowTextLengthA
GetForegroundWindow
ReleaseDC
InvalidateRect
GetFocus
IsIconic

shell32

SHGetFolderPathA
SHGetFileInfoA
SHBrowseForFolderA
SHChangeNotify
SHGetMalloc

userenv

LoadUserProfileA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ