d9eab58bbd2ea844430e1982ec1a1b53_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d9eab58bbd2ea844430e1982ec1a1b53_JaffaCakes118
Size

813KB
MD5

d9eab58bbd2ea844430e1982ec1a1b53
SHA1

82b94af45339b6f8fe0c2d4a4b056ca96606fff5
SHA256

1d0e0aa16eb56a08289867e3063ac29eaedb4a8260880f6a23659e7af898923a
SHA512

1c090d0c67a397ff5e3581b5ad528157fb8ddbd3cdcbab759d54fe7d66911e7f9531a85b3514ff1cdc12e23f82a8aaf11c0e0f53e1a2a77748be56505bdd8364
SSDEEP

12288:PVaUCtUa1FL1XFv1DIhvDKkQ5GOs049l7aEn9boO4cCxDmX9JIY6tUL9FpfEwS7G:P/Cua1lv1DsK3GbjUE9Eigtt89Fpcdq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d9eab58bbd2ea844430e1982ec1a1b53_JaffaCakes118

Files

d9eab58bbd2ea844430e1982ec1a1b53_JaffaCakes118
.exe windows:4 windows x86 arch:x86

62a2165ffee2104cb7351481624efeac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileMappingA
LocalUnlock
GetModuleHandleA
IsDebuggerPresent
GetLastError
IsBadReadPtr
LoadLibraryExA
CreateFileA
CreateEventA
GetACP
GetStdHandle
HeapCreate
GetFullPathNameA
FreeEnvironmentStringsA
GetConsoleCP
LocalLock
CloseHandle
FindClose
LocalFree
TlsGetValue

user32

EmptyClipboard
GetDlgItem
CreateDialogParamA
GetDC
EndDialog
PostMessageA
DispatchMessageA
GetIconInfo
SetFocus
ScrollWindow
IsWindow
GetMessageA
DefWindowProcA
DrawIconEx

msasn1

ASN1BEREncLength
ASN1BERDecCheck
ASN1BERDecBool
ASN1BEREncFlush
ASN1BERDecEoid

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ