Static task: static1
Behavioral task: behavioral1
Sample: d6c6117f22780d949b339567db1bb886_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: d6c6117f22780d949b339567db1bb886_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: d6c6117f22780d949b339567db1bb886_JaffaCakes118
Size: 183KB
MD5: d6c6117f22780d949b339567db1bb886
SHA1: 3abdb1cfe92857fa4888ac4f2ce7b57e5884031b
SHA256: b9ad08b556a469469e82a44d9c041c99bb8b33a5506bf84d2a91f06e309d9173
SHA512: e7a911043552b1fa757ff0ab5632c0f2388acb0790652d83fd21c6138c08dce0347f6840324a30dc2fc25a3eb4e372e41d6667284bdb4722d0982bd6a4ae78f3
SSDEEP: 3072:S8wsgUuIjdcCANggDkmpQvBkWJxfNGIlnDgyUS/cCjHLru4h/0GzxZKbeL:S8LdTjANgV28xllANwrF0GLK8
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d6c6117f22780d949b339567db1bb886_JaffaCakes118
Files
d6c6117f22780d949b339567db1bb886_JaffaCakes118.exe windows:4 windows x86 arch:x86
fca12111eb6123c44da2a3ac4be8cc04
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrlenA
CreateProcessA
Sleep
GetModuleHandleA
GetCurrentThreadId
CloseHandle
LoadLibraryExW
HeapCreate
TlsGetValue
CreateFileW
GetComputerNameA
GlobalFree
PulseEvent
UnmapViewOfFile
SetLastError
lstrcpyA
FindResourceW
GetEnvironmentVariableA
GetCommandLineA
GlobalUnlock
user32
FillRect
SetFocus
DrawMenuBar
IsWindow
DispatchMessageA
CreateIcon
DrawEdge
GetDC
GetDlgItem
CreateWindowExA
CheckRadioButton
CallWindowProcA
GetCaretPos
rsaenh
CPDeriveKey
CPGenKey
CPDecrypt
CPHashData
CPSignHash
msasn1
ASN1BERDecEoid
Sections
.text Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 765KB - Virtual size: 768KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE