dd400ec6e4fd3401781493ac252cf0f4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dd400ec6e4fd3401781493ac252cf0f4_JaffaCakes118
Size

167KB
MD5

dd400ec6e4fd3401781493ac252cf0f4
SHA1

93541b1403cd2b92d0e13dc5e0231a44d5a559d2
SHA256

0771f24fda7706e3596061ae92c55d313fac47064b01441addd1d6dc0591c03c
SHA512

fa78efcb1bfa0753f343fdbf237c6aa620481c8e6028225a04e12083bda9104498a4c2d3a9bb39a9067807831b75a76dfe82518e82ac75874cf749829e92e752
SSDEEP

3072:QP+xNyT4jxqhzbcYQXMAPzvbIdW/bphUF+OUcrhQc3uCQJ1Y+5XCwJ:1YEjIh8YQXRvsdWc+OxKfJOHu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dd400ec6e4fd3401781493ac252cf0f4_JaffaCakes118

Files

dd400ec6e4fd3401781493ac252cf0f4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c90edf80c95aeee8ef1c50b24d9d81a6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

ExcludeUpdateRgn
InvalidateRgn
ValidateRect
ReleaseCapture
SetCapture
ValidateRgn
GetWindowInfo
GetCapture
GetUpdateRgn

kernel32

FindNextFileW
GetStringTypeW
GetVDMCurrentDirectories
LocalFileTimeToFileTime
SetEnvironmentVariableW
FreeLibrary
SetThreadPriorityBoost
FindResourceW
SetErrorMode
GetShortPathNameW
GetLocalTime
FileTimeToLocalFileTime
FindClose
EnumResourceNamesW
LoadResource
FindFirstFileW
RegisterWaitForSingleObject
HeapCreate
SystemTimeToFileTime
FileTimeToSystemTime
CompareStringA
SetCurrentDirectoryW
SearchPathW

Sections

.text
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 1024B - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ