de43fdf37ca7f3d4977accf082e43fe1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

de43fdf37ca7f3d4977accf082e43fe1_JaffaCakes118
Size

392KB
MD5

de43fdf37ca7f3d4977accf082e43fe1
SHA1

12e284f9a9e77cc2d25d9541a94c8ab015371a34
SHA256

87bcf81de93547fd860d6bd8beab0e84a07533c7d0f0755f502c60608583a324
SHA512

1418b763d2e396c0db8d6eb04c476974810f2ee40bcd6bd0b3cbb8dfa5141fa63a31de30d471f476adba08339d4738aa1a31d0331adeb302713f0f46675db7e3
SSDEEP

12288:HRskdtDMgmQTsVxNaOmGcG0VkX0jLLmH0Xe:HRskdt6QAVLaOmIImH0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de43fdf37ca7f3d4977accf082e43fe1_JaffaCakes118

Files

de43fdf37ca7f3d4977accf082e43fe1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

deb0f51b02d5c425e2483588bc39b2e1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
CreateThread
LocalUnlock
LocalFree
LoadLibraryExA
SetEvent
GetComputerNameA
GetSystemTime
GetModuleHandleA
UnmapViewOfFile
PulseEvent
CloseHandle
GetTickCount
GetCurrentDirectoryA
CreateFileA
SetLastError
Sleep
lstrlenA
GetCommandLineW
CreateThread

user32

CreateWindowExA
IsWindow
GetScrollBarInfo
DispatchMessageA
FillRect
SetFocus
CallWindowProcA
DrawMenuBar
GetDlgItem
GetKeyState
CheckRadioButton
GetDC
DrawEdge

clbcatq

ComPlusMigrate
DowngradeAPL
CheckMemoryGates
SetupOpen
SetSetupSave

inetcpl.cpl

OpenFontsDialog

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 732KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ