dd281f6f656e72624ce0ae068582052e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dd281f6f656e72624ce0ae068582052e_JaffaCakes118
Size

132KB
MD5

dd281f6f656e72624ce0ae068582052e
SHA1

8bd0ba23e1d0b3c5a008ee1579c80e5256f11286
SHA256

7b69049e664d321bd9a61afca84820fe9d29d9fe579387d3f82753120f671b4f
SHA512

33399d249a75fa1210ef793691f3b459c9d8b134f8db454cc8fd565709c79c4b4c663213f37faf8c8c1fbc019c62f01d25da1a5076f5cfee719abb6370f2fed3
SSDEEP

3072:wGvEjuy9lD7XwenZ1tQ2iew5RhpM1nULHvkshxa8:52uy9lDr71+Xew5oQvXLb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dd281f6f656e72624ce0ae068582052e_JaffaCakes118

Files

dd281f6f656e72624ce0ae068582052e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

335c216c9c953c4591c1f92abe0fd804

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
ExitProcess
GetFileAttributesW
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
IsDebuggerPresent
LoadLibraryA
ReadFile
VirtualAlloc
VirtualFree

user32

CharNextA
ClientToScreen
GetDesktopWindow
GetSubMenu
GetWindowRect
PostQuitMessage
SetTimer
TrackPopupMenu

gdi32

BitBlt
CreateCompatibleBitmap
CreateDIBitmap
CreateFontIndirectA
CreateRectRgn
DeleteObject
GetBitmapBits
GetObjectA
GetStockObject
GetTextExtentPointA
RealizePalette
SetViewportExtEx
UnrealizeObject

shell32

DragAcceptFiles
DragQueryFileA
DragQueryPoint
ExtractIconW
FindExecutableW
SHBindToParent
SHBrowseForFolder
SHGetDesktopFolder
SHGetDiskFreeSpaceExW
SHGetFileInfoA
SHGetFolderLocation
SHGetMalloc
ShellExecuteA
Shell_NotifyIconA

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ