dcd20d97eb2d28b2401c8ed3e9db3d39_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dcd20d97eb2d28b2401c8ed3e9db3d39_JaffaCakes118
Size

7KB
MD5

dcd20d97eb2d28b2401c8ed3e9db3d39
SHA1

d739e7481459f2992200fd6e58d43644bd827dfe
SHA256

531e610ed312ad0de14b2350528809ad2bb2188e1f12437b2ce82839ac31d0c1
SHA512

11875a6dc52bd770ce7794693721961bcfd0a39397e9fb89b347cc186bca285afe6b6d7b16304c80aa8e9029a580249de8b5e95b5602a676e6fabbdb3c026334
SSDEEP

96:ITBwdkW7XvueheuPLbC6Rdf79aH7j7zsH/VEYgJnHOTqc:IT+kCvheuPNRpR+jivgJnHOTv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dcd20d97eb2d28b2401c8ed3e9db3d39_JaffaCakes118

Files

dcd20d97eb2d28b2401c8ed3e9db3d39_JaffaCakes118
.exe windows:4 windows x86 arch:x86

58285405d174bca527832e5c8f61b28e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetUserDefaultLangID
EnumDateFormatsA
GetProfileStringA
CreateMailslotA
GetProcessHeap
VirtualAlloc
GetVolumePathNameA
GetStdHandle
LocalHandle
CreateJobSet
GlobalLock
FindAtomA
CloseHandle
GetProfileIntA
GetTapeStatus
GlobalFlags
GetOEMCP
EnterCriticalSection
GetModuleHandleA
GlobalFree

user32

ShowWindow
RegisterClassA
GetClassInfoExA
BeginPaint
GetFocus
GetParent
CloseWindow
GetDC
DrawEdge
IsIconic
GetWindowTextA
EndPaint
GetActiveWindow
GetWindowTextLengthA
GetClassNameA
ReleaseDC
ValidateRect
GetForegroundWindow
GetWindow

gdi32

CreateDCA
CreateDIBitmap
GetColorSpace
GetCharWidthA
ExtCreatePen

sxs

SxsLookupClrGuid

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ