d494041695bc84f0051fbfff62ab6535_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d494041695bc84f0051fbfff62ab6535_JaffaCakes118
Size

55KB
MD5

d494041695bc84f0051fbfff62ab6535
SHA1

886997d108f519f14c367fc6ed3a720ba6b5ee71
SHA256

578f5de4994e6a989c0a6171b209810f626ba37fdcb8de8cedc06bb452213d42
SHA512

b0b986d1f5d95517f0afecb7b2dc7c9365691124963573fa4d7d893df124c421b3d25f9b6dc55e9f628fb2bbc6e4672a401738603b2c726904746f8f74b6131b
SSDEEP

1536:0vm6qmepLLVYsbbAqotLkv5zkfcRItR4uivA:am6EpLLusbEJtgv5zetR4ui

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d494041695bc84f0051fbfff62ab6535_JaffaCakes118

Files

d494041695bc84f0051fbfff62ab6535_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e8b28e8148be3bb91f78c7061be871a2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ShowCursor
SetCursor
MessageBoxIndirectA
LoadImageA
EqualRect
CreateDialogIndirectParamA
CharLowerA

kernel32

ReadFile
lstrcpynA
lstrcpyA
lstrcmpA
lstrcatA
VirtualAlloc
UnmapViewOfFile
TlsAlloc
CloseHandle
CompareStringA
EnumResourceTypesA
ExitThread
GetStartupInfoA
GetSystemTimeAsFileTime
GetTimeFormatA
InitializeCriticalSection
MapViewOfFile
OpenFileMappingA
RaiseException
SleepEx
RtlUnwind
SetEndOfFile

oleaut32

OleIconToCursor
OleLoadPicturePath
OleTranslateColor
SafeArrayAllocDescriptor
SafeArrayCreate
SafeArrayDestroy
VarBstrCmp

Sections

.text
Size: 18KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ