Static task
static1
Behavioral task
behavioral1
Sample
d9f9b47876ad9243408027dde8f8ed16_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
d9f9b47876ad9243408027dde8f8ed16_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
d9f9b47876ad9243408027dde8f8ed16_JaffaCakes118
Size
126KB
MD5
d9f9b47876ad9243408027dde8f8ed16
SHA1
a195955fb413df3143463f410c5be4a0136252db
SHA256
ad828ee2bd809cd5fb11999f2369db23d6b51ce28a60491bb68d7fc829834ed8
SHA512
b32e64f872b6c135fed6383a963a5b81c98f43e510cc7a6921861a482d5e968dce40ee7a7adc71fe187b34fd4a376dbf4098009975e834f6e8d881bb7242d7f4
SSDEEP
3072:AvRKek58mDv6VedSVLV9NxAdcWTwC0MG1:AJKek58msedSNVyBTw5F
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d9f9b47876ad9243408027dde8f8ed16_JaffaCakes118
Files
d9f9b47876ad9243408027dde8f8ed16_JaffaCakes118.exe windows:7 windows x86 arch:x86
e03dd73cc79c98e8ed40132ebca21345
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCurrentProcess
SleepEx
GetModuleHandleA
GetCommandLineW
GetProcessHeap
ntdll
NtAllocateVirtualMemory
gdi32
LineTo
GetStockObject
CreateCompatibleDC
CreateCompatibleDC
GetObjectW
user32
GetWindowRect
CreateWindowExW
SendMessageW
LockWindowStation
ShowWindow
DestroyWindow
CreateWindowExW
GetDC
GetDlgItem
ShowWindow
GetDlgItem
Sections
.data Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 106KB - Virtual size: 108KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 124KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ