d565be53c0732e5f0a7aba468be96ffb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d565be53c0732e5f0a7aba468be96ffb_JaffaCakes118
Size

141KB
MD5

d565be53c0732e5f0a7aba468be96ffb
SHA1

43814198b4345aa173570360636e369a2ed7810a
SHA256

961952d7ddae14aac7ee9571d29bd943768fde8f3ac2f9283880a734078a016d
SHA512

246c30e41134d815c762181e387cf150a3ef0e63c95116442be69d1df3623039f677713672f7141e4628a6b3a7c535704e12c8c28e6364d5180a15dc0e3aa067
SSDEEP

3072:1tQpfbGSO3pJH6Il4ofXH2TfkbrQCJzlcYL15y4oFSRicwGOXktiO4:1CipJHdlpHagrQCJJcYi6QpGOXkc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d565be53c0732e5f0a7aba468be96ffb_JaffaCakes118

Files

d565be53c0732e5f0a7aba468be96ffb_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6d337fc778f75bc97c7040ffed8e4df2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Y:\wgGpx\nLCfcj\RhkUkb\KEly\dvmhon.pdb

Imports

gdi32

RoundRect
GetTextExtentPointW
RestoreDC
CreateDiscardableBitmap
ExcludeClipRect
GetSystemPaletteUse

shlwapi

StrCatBuffW

user32

DispatchMessageW
wsprintfW
DialogBoxParamW
EqualRect
CharUpperW
GetWindowTextLengthA
BringWindowToTop
PostMessageA
GetMenuDefaultItem
CharPrevW
GetScrollRange
LoadCursorW
GetPropW
RemovePropW

kernel32

SetErrorMode
GlobalMemoryStatusEx
CreatePipe
lstrlenW
TlsSetValue
FormatMessageW
HeapSize
WaitForSingleObjectEx
CancelWaitableTimer
GlobalGetAtomNameW
SetFileAttributesA

Exports

Exports

?cdCtOhKk@@YGDGJ@Z
?lRhIoUlc@@YGHPAI@Z
?iNekkavimP@@YG_NPAEPAM@Z

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ