d499629a2ec7588e41799b5e1a9215ad_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d499629a2ec7588e41799b5e1a9215ad_JaffaCakes118
Size

365KB
MD5

d499629a2ec7588e41799b5e1a9215ad
SHA1

39f61b6798863a9121ddae65f55aad6103908630
SHA256

6b4da3cb2dfab193a0e5049c8d0ee6db205720cffe04579ca6d35df19808225f
SHA512

e1bcda3afa26fe11a84dbbdb7f3f1a8a955d1b6fba49c5bcf03a42195f0177bb135d43c92760528c2f3a832b247ae15bb7bd425aed7d2e61ccd6ed470b5576b5
SSDEEP

6144:sERMua4hib4j8jf51Qx7O6bcLehsEwkoK/6ERdFQJdlMu6lb/01apjbV6m8lL:sERMZx4ojf51aTcK0NEQUd0op3QlL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d499629a2ec7588e41799b5e1a9215ad_JaffaCakes118

Files

d499629a2ec7588e41799b5e1a9215ad_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f14bdf2adff79e516dc1e31287563cc9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
GetCurrentProcessId
GetFileAttributesA
GetConsoleAliasW
LocalFree
GetModuleFileNameA
ReadFile
ResumeThread
SetEvent
FindAtomW
EnumCalendarInfoW
GetModuleHandleA
HeapCreate
GetDriveTypeW
GlobalFree
FindClose
CreateMailslotA
SetLastError
GetPrivateProfileStringW
EnterCriticalSection

user32

GetClassInfoA
GetKeyState
GetCursorInfo
DrawTextW
IsWindow
DispatchMessageA
GetSysColor
SetFocus
GetMenuInfo
CallWindowProcW
GetClientRect
GetKeyboardType
DispatchMessageA

asycfilt

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

msasn1

ASN1BERDecBool

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 496KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 355KB - Virtual size: 354KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ