d4b03ad811c011d0cde72650501d9c59_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d4b03ad811c011d0cde72650501d9c59_JaffaCakes118
Size

637KB
MD5

d4b03ad811c011d0cde72650501d9c59
SHA1

9c37811c8b1a6b7b7dd9ceac93633b3d02a63ce2
SHA256

4426bb46601adc3b2fe55b0f19ce8152217fd41cef27512809d770fe1db5a531
SHA512

0c5f74f1b39ab4e9e33994397cebe251015b5a6b6be398984f9a9680bcc8c127045a32690004743f77b103cebba4805befbb917096b3d5ea35324f33ece259f8
SSDEEP

12288:ZWhBs+1Dt0keMxURF24NT55rMAj/K0O9gtYt71nb5IMGIyBmzdg7:IA+1DtCZNNxMAj/KDatYRYIym67

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d4b03ad811c011d0cde72650501d9c59_JaffaCakes118

Files

d4b03ad811c011d0cde72650501d9c59_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c773c7ff34484ba1ea6ce05c6c203a1a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTime
InterlockedExchange
WaitForSingleObject
GetModuleHandleA
IsDebuggerPresent
VirtualProtect
HeapDestroy
GetACP
GlobalSize
PeekConsoleInputA
HeapCreate
GetOEMCP
FreeConsole
GetCommandLineA
GetCurrentProcessId
LoadLibraryA
ResumeThread
GetTapeStatus
GetTimeFormatA
GlobalMemoryStatus
GetUserDefaultLCID

user32

GetDC
DragDetect
CreateIcon
GetParent
GetCursorPos
FillRect
ShowWindow
GetTitleBarInfo
FrameRect
SetForegroundWindow
GetWindow
ReleaseDC
AnyPopup
GetClassNameA
wsprintfA
BeginPaint
GetFocus
EndPaint
DrawTextA

atl

AtlUnadvise
AtlGetVersion
AtlAdvise
AtlModuleInit
AtlModuleTerm

msutb

GetPopupTipbar

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ