df0c042510641425ad3c1668267aabed_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

df0c042510641425ad3c1668267aabed_JaffaCakes118
Size

56KB
MD5

df0c042510641425ad3c1668267aabed
SHA1

d1e5610bf3f116a808cedef387d626348313f72f
SHA256

c2da98fdbf786af97a8e572efe5d5f52973b3f70497c74c8f51bd975fa06609f
SHA512

225661bb4d206e69bbb268ede8b76f9971df65bdc05bf4131b8b6ddb722929ae8ab01251e55bc4089c046803f4335c63b322fea258e2f57160db48090c4e17a4
SSDEEP

1536:akI7HKmLSQG3tx3UYLY7CGjTepIeif4T/fwd/CI:akI7HKmLSQG3tx3UYLEHjTepItfK/45

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
df0c042510641425ad3c1668267aabed_JaffaCakes118

Files

df0c042510641425ad3c1668267aabed_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f86c216c7247fb1f8c41348dcd77feb2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
GetVersion
GetCPInfo
MultiByteToWideChar
GetStringTypeW
SetFilePointer
lstrcpynW
lstrcpyA
GetFileType
LCMapStringA
GetModuleFileNameA
TerminateProcess
SetHandleCount
GetACP
GetOEMCP
GetStringTypeA
LCMapStringW
GetStdHandle
WriteFile
lstrcatA
GetCommandLineA
lstrcpynA
CreateFileA

user32

LoadMenuA
GetDC
LoadCursorA
DrawTextA
CopyIcon
IsMenu
GetDlgItem
CopyRect
CreateIcon
IsWindow
InsertMenuA
CloseWindow
GetWindowTextLengthA
GetMenu
DialogBoxParamW
CopyImage
DrawIconEx
DialogBoxParamA
GetWindowTextA
DrawIcon
GetCursor

comctl32

ImageList_DragEnter
ImageList_LoadImageA
DrawStatusText
ImageList_Copy
CreateToolbarEx
DrawStatusTextW
DllGetVersion
ImageList_GetIconSize
CreateStatusWindow
ImageList_DrawEx

advapi32

RegCreateKeyA
RegQueryValueExW
RegQueryValueW
RegCreateKeyW
RegQueryValueExA
RegDeleteKeyW
RegEnumKeyA
RegEnumValueA
RegQueryValueA
RegEnumValueW
RegDeleteValueW

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 16.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ