dd082b8b9aebf5acd731b3eaeb9fbb2e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dd082b8b9aebf5acd731b3eaeb9fbb2e_JaffaCakes118
Size

182KB
MD5

dd082b8b9aebf5acd731b3eaeb9fbb2e
SHA1

7d516c6edbd5ff006d6c211cd6ef623cf9306672
SHA256

c9a80fefd8336ef1a55096a468db3595a67be50ffff14da5711bc41f84a1628a
SHA512

5f3af1bf47b7064f2d6017f5daaa6355b0570bf6a47c8d88e25f6d8edd98bd54e15dfafbed2f42a23051bd8c5d1c63584163c8c7f4abca014a23145a150844d8
SSDEEP

3072:c8Q+E6F6hDOHHVUMYEdhCJOJtW3WVaL4UHKXLxZOlDMXA4rb:XQLBJOHHVAEptWFL4sKLxZOgR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dd082b8b9aebf5acd731b3eaeb9fbb2e_JaffaCakes118

Files

dd082b8b9aebf5acd731b3eaeb9fbb2e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

24ad98750051bd7958f75892c1a16e5a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualQuery
CreateWaitableTimerA

user32

GetKeyNameTextW
DdeReconnect
GetWindowDC
DdeConnect
MessageBoxIndirectA
ModifyMenuW
SetScrollInfo
SetTimer
RegisterWindowMessageW
DdeImpersonateClient

gdi32

GetTextExtentPointI

Sections

CODE
Size: 9KB - Virtual size: 809KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 169KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pack32
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ