d4f897dc20e3e1947d9c496834816214_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d4f897dc20e3e1947d9c496834816214_JaffaCakes118
Size

48KB
MD5

d4f897dc20e3e1947d9c496834816214
SHA1

7a0e4e9773879d7c105c711bb90dd11eb80999e0
SHA256

02949a0cc9e0c97f4d5844f93e7e21b21a62217ecf4856a2e52bdccf3030187a
SHA512

bdb524c6b05a6c1b8ba560bfd4e923211bfa988a51f0e7ed80c4aebf1d50ec3377c06c6b3eec2d24eeddc710f99678f60097ec0ecc28bb063ff250685915d4b7
SSDEEP

384:NgdIbcTTTWZ1at4E19jORNFpi3QRmqX7mQlZGCOGF5tUcYsNVozhJ:NdnYjjORTpi3QS4ZGvkF2hJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d4f897dc20e3e1947d9c496834816214_JaffaCakes118

Files

d4f897dc20e3e1947d9c496834816214_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e1bba04bf1ee8922d044a9f60cd7e77b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumCalendarInfoA
lstrlenA
LoadLibraryA
GetModuleHandleA
GetStartupInfoA

user32

OpenIcon
AnimateWindow

comdlg32

ChooseFontA

msvcrt

_adjust_fdiv
_exit
_XcptFilter
exit
_acmdln
_initterm
__setusermatherr
__getmainargs
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

Sections

.text
Size: 8KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 682B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ