Static task: static1
Behavioral task: behavioral1
  Sample: dd8b13c634d7b73e8f23b7469be2198e_JaffaCakes118.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: dd8b13c634d7b73e8f23b7469be2198e_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
General
  Target: dd8b13c634d7b73e8f23b7469be2198e_JaffaCakes118
  Size: 39KB
  MD5: dd8b13c634d7b73e8f23b7469be2198e
  SHA1: 3f19731837f613c6fe867e1f155c1c2dbd8788a4
  SHA256: 165a41019f525743a4167bc842ec360b539f8235a9afcc60c18899391ef8d459
  SHA512: d477133b5bd6d13ea4a898ac64383ee88558d736e203758426b424d0be64f11b546a630e9fa2350325ed8e3af55f050dfbd04d0124b93ff16e9406103b92b495
  SSDEEP: 768:XbYRIWVqnuZZSAQ8uILkmKIu61Wt1+s7nTWMGJFZ58Wx0ldXnp0:XsyWVYuZZSAdJLkmKIuBtokSMGJX58WN
Malware Config
Signatures
  Unsigned PE (1 IoCs)
    Checks for missing Authenticode signature.
    resource dd8b13c634d7b73e8f23b7469be2198e_JaffaCakes118
Files
dd8b13c634d7b73e8f23b7469be2198e_JaffaCakes118.exe windows:3 windows x86 arch:x86
6f6109f6a1e464cc7120c78adb485850
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
  kernel32
    GetCommandLineW
    HeapCreate
    InitializeCriticalSection
    Beep
    FileTimeToDosDateTime
    GetProcessHeap
    FreeLibrary
    ExitProcess
    GetLongPathNameW
    GetVersion
    AddAtomA
  user32
    RegisterHotKey
    GetSubMenu
    UpdateLayeredWindow
    CharNextA
  gdi32
    FillPath
    CreateDIBitmap
    CreateBrushIndirect
    SetBkColor
    FillRgn
    DeleteObject
    CombineRgn
    GetStockObject
  advapi32
    RegDeleteKeyA
    RegFlushKey
  comdlg32
    LoadAlterBitmap
    FindTextW
Sections
  .text Size: 12KB - Virtual size: 12KB
    IMAGE_SCN_CNT_CODE
    IMAGE_SCN_MEM_EXECUTE
    IMAGE_SCN_MEM_READ
  .rdata Size: 1024B - Virtual size: 873B
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
  .data Size: 19KB - Virtual size: 18KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE
  .rsrc Size: 6KB - Virtual size: 5KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ