dc63c216255d73861ba431fb85540ef3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dc63c216255d73861ba431fb85540ef3_JaffaCakes118
Size

787KB
MD5

dc63c216255d73861ba431fb85540ef3
SHA1

6468487de0a52f5f0b0a557686342044d008de09
SHA256

1ffa3d29a6ef539e039604912cd3cb76dded9913e8d6d1075edebed395984c35
SHA512

f5eb12bd64b3f438fcd56daadd6508cd6482c1016057048be3affdb5c3646896a60a9f3c65e61c1dffe07ee5cbbdbcc3383beeddce575ad6a2a6fe5c7bb71951
SSDEEP

12288:miWPeqItADJJ5KrpFx1KJeAgZXrpRMrJT7zKBLqacqIWGljsc3F7cAqW6ZMfv4ym:Ge1cJbKrvbArgZpur4lZHGlgC9Oy1bkf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dc63c216255d73861ba431fb85540ef3_JaffaCakes118

Files

dc63c216255d73861ba431fb85540ef3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fa93fb22941da27aba9e5e7d0b1c563d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReleaseMutex
CreateMutexA
GetModuleHandleA
FindResourceA
CreateFileA
LoadLibraryExA
HeapCreate
LocalFree
PulseEvent
GlobalUnlock
FindClose
GetEnvironmentVariableA
Sleep
TerminateThread
SetLastError
CloseHandle
lstrlen
GetACP
GetConsoleMode
TlsGetValue

user32

DrawEdge
DispatchMessageA
CallWindowProcA
CopyRect
FillRect
GetDlgItem
DrawMenuBar
GetDC
DefWindowProcW
GetIconInfo
IsWindow
CheckRadioButton
SetFocus

uxtheme

DrawThemeIcon
GetCurrentThemeName
GetThemeBool
GetThemeColor
CloseThemeData

dpnet

DirectPlay8Create

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 778KB - Virtual size: 778KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ