dcdd4f160884ad3bdeec8b46136f09f6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dcdd4f160884ad3bdeec8b46136f09f6_JaffaCakes118
Size

352KB
MD5

dcdd4f160884ad3bdeec8b46136f09f6
SHA1

43cf5c3d588aadb1f8ea73194058a7b8a6f692bb
SHA256

c4a254257610e4189e538defae4b3eb7b6767dd047036249789f172fcd004213
SHA512

967f7185615af391fc4b434694dd539c3f6b73774b7ff69cc3e8007ea4f6cfa8cd4f2197177c919ebe3bfd203c9c7febe886026545a9279ca1b6b11c0f3a38fb
SSDEEP

6144:PmfpwUtXZhNGOILLsv5BPrrO6YYcxFjQkqoZjeFeV/y9bVnNP5Ch+Ij:P0p1tR6LLsbGzYc3Xq46FeVaPnNPcU2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dcdd4f160884ad3bdeec8b46136f09f6_JaffaCakes118

Files

dcdd4f160884ad3bdeec8b46136f09f6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

aabd4abe8fee0abc7a748b40a0d86823

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeConsole
GlobalUnlock
FindClose
CloseHandle
lstrlenA
GlobalLock
OpenMutexA
OpenMutexA
ResumeThread
LoadLibraryExW
LocalFree
IsBadReadPtr
GetStdHandle
GetModuleHandleA
GetLastError
CreateEventA
GetSystemTime
VirtualProtectEx
GetACP
FreeEnvironmentStringsA

user32

GetDlgItemTextA
EndDialog
ClipCursor
IsMenu
SetFocus
DialogBoxParamA
GetComboBoxInfo
GetMessageA
CreateWindowExA
IsIconic
GetSubMenu
LoadCursorA
GetMessageA
MessageBoxA

uxtheme

DrawThemeText
DrawThemeBackground
EnableTheming
GetThemeBitmap
CloseThemeData

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ