da687ed9a99ad2b8ee56140086c56702_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

da687ed9a99ad2b8ee56140086c56702_JaffaCakes118
Size

46KB
MD5

da687ed9a99ad2b8ee56140086c56702
SHA1

e9065b367bdc7e817bfba1b54a01235ae8f604ae
SHA256

123a9eace0f057fcf1636eaca4a83351a5a42cdf06d663beac5dc67813e43d59
SHA512

88531f7fb20fd79aeebb20f9f939d75e2c21eb97a48451a77f18464f446717d00910b7b2e3fdba5eb68a5d538937541e5fe207b4d2ea755ae1da88ea2fa72a41
SSDEEP

768:n4CI3qgiD4gB6YeGPyGMybC82TftlTZdQSmeE+sv2Kx+X0c40T9Oi:nNAqgfgYGP5zCJTftlHQSRs+YMX0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da687ed9a99ad2b8ee56140086c56702_JaffaCakes118

Files

da687ed9a99ad2b8ee56140086c56702_JaffaCakes118
.exe windows:4 windows x86 arch:x86

faa291165177e98f7e191a5126cd9c8e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
FindFirstFileA
GetACP
GetLocaleInfoW
GetModuleHandleA
GetOEMCP
GetStartupInfoA
HeapAlloc
HeapCreate
SetStdHandle
SizeofResource
lstrcatA
lstrcmpiA

msvcrt

vswprintf
__set_app_type
_cexit
strpbrk
wcscmp
_XcptFilter
strspn

user32

MapWindowPoints
SetWindowPlacement
GetClassNameA
GetUpdateRgn

oleaut32

SafeArrayDestroy
SafeArrayCreate
SafeArrayAllocDescriptor
SysReAllocString
RevokeActiveObject
OleTranslateColor
ClearCustData
SysStringLen
VarBstrCat
VarBstrCmp

shlwapi

PathGetCharTypeA
PathGetDriveNumberA
SHDeleteKeyA
SHEnumKeyExA
StrStrA
StrStrIA
StrToIntA
StrSpnA

Sections

.text
Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ