dad7e94057030077e490eee26fa79268_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dad7e94057030077e490eee26fa79268_JaffaCakes118
Size

27KB
MD5

dad7e94057030077e490eee26fa79268
SHA1

dfd41cf5888fa8be47f50e54102d37ee9b2df326
SHA256

898e6e44c44fce8e76784cedc3b5c3b9b1b366c02be781b348c2a9199a2928ea
SHA512

6f9b4318570a3beed983cf80a8bdbaa62cef6a803546def3ebfb0050a099780292055ab8a8bbe20ba77e561faa424c013348e89940ca6e870b5464c213b9a3c2
SSDEEP

384:0bKt60e/nsSmxARBu6b7wOrBUH6UW4Y59PwA6kDeOCeP3DrRuNKcyFOt9:0GtZePstAPusbLOY5Vw/GzrRu3mO/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dad7e94057030077e490eee26fa79268_JaffaCakes118

Files

dad7e94057030077e490eee26fa79268_JaffaCakes118
.exe windows:4 windows x86 arch:x86

af01a9931d313744e7ceaaf1c281876b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateThread
FreeLibrary
GetCurrentThreadId
GetFileAttributesA
GetFileSize
GetLocalTime
GetProcessHeap
GetTimeFormatA
GlobalAlloc
GlobalLock
IsBadReadPtr
LoadLibraryA
LocalSize
MulDiv
ReleaseMutex
SetCurrentDirectoryA
SetErrorMode
Sleep
TerminateProcess
TerminateThread
WaitForSingleObject
WriteConsoleA
lstrlenA

user32

CreatePopupMenu
GetCursorPos
GetDlgItem
GetMenuDefaultItem
GetWindowThreadProcessId
IsWindowVisible
LoadMenuW
PeekMessageW
SendDlgItemMessageW
SendMessageTimeoutW
UnregisterHotKey

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 978B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 676B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ