dabd4c26c1b83198b1133e82f616fe79_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dabd4c26c1b83198b1133e82f616fe79_JaffaCakes118
Size

56KB
MD5

dabd4c26c1b83198b1133e82f616fe79
SHA1

b195508c809e0c3d4f32c52ad9af4baffdee6b9f
SHA256

757ed0d98d9387cbfad55b6917cc50d166004560033f3ef34e9bcd7394fce1dd
SHA512

8a0583f1afd56681a6fbc505e1078cb11b0897b3a3721347218084e98caf8cc6ee262edb7fb87a6fd8d1332791540337daa782db34fa7ec83b9e7a8b072c0920
SSDEEP

1536:xndNd3NXvXtk97AxDaln2gxodj+3MCGHO0:pTtk97Alad2xdj+36HO0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dabd4c26c1b83198b1133e82f616fe79_JaffaCakes118

Files

dabd4c26c1b83198b1133e82f616fe79_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ca1a915319cc2451076bcc9cf1c8e812

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
CreateEventA
TlsGetValue
IsDebuggerPresent
CreateFileMappingA
GetModuleHandleA
GetACP
LoadLibraryExA
GetStdHandle
IsBadReadPtr
LocalUnlock
GetFullPathNameA
FindClose
LocalFree
GetLastError
CloseHandle
FreeEnvironmentStringsA
GetConsoleCP
GlobalLock
CreateFileA

user32

IsWindow
EndDialog
DispatchMessageA
ScrollWindow
DefWindowProcA
GetDC
CreateDialogParamA
GetDlgItem
EmptyClipboard
GetMessageA
SetFocus
PostMessageA
GetIconInfo
DrawIconEx

uxtheme

DrawThemeIcon
GetThemeColor
CloseThemeData
EnableTheming
GetThemeMetric

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ