Static task: static1
Behavioral task: behavioral1
Sample: de4b00eea511fd7873c4b43747dae8fd_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: de4b00eea511fd7873c4b43747dae8fd_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: de4b00eea511fd7873c4b43747dae8fd_JaffaCakes118
Size: 260KB
MD5: de4b00eea511fd7873c4b43747dae8fd
SHA1: dd3dec80c543248f6f0de3bbd30620176ea5d29c
SHA256: 79025a7c22de0e5cbeb4d1791d79d5b9d5a78a0940a5fb437e89d966e295c370
SHA512: fae12882badff29668565a4388c5a0af5a45c167a7213f342426f57203d30f902844cdbbb7244eab2c30c693f0708b8e33eb488e60b198bd8fbc9d52d0b2d634
SSDEEP: 6144:1plAkhr3K64TGOCyd2nqzdnPM1RTzwquifzCXSnpOzW:1JanTGOmS5mwquifpnWW
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource de4b00eea511fd7873c4b43747dae8fd_JaffaCakes118
Files
de4b00eea511fd7873c4b43747dae8fd_JaffaCakes118.exe windows:4 windows x86 arch:x86
8c1c29274a1031372f74b9a3c221ebb1
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
comctl32
InitCommonControls
kernel32
GetCurrentProcessId
lstrlenA
GetVersion
GlobalFindAtomA
GetCurrentProcess
GetUserDefaultLangID
lstrlenW
VirtualAlloc
MulDiv
GetProcessHeap
SetCurrentDirectoryA
GetCurrentThread
GetCommandLineA
GlobalFindAtomW
GetACP
CopyFileA
DeleteFileW
DeleteFileA
lstrcmpiW
user32
GetDesktopWindow
CharNextA
GetMessagePos
GetInputState
gdi32
RestoreDC
SetBkMode
UnrealizeObject
SetViewportOrgEx
SelectPalette
GetDIBColorTable
OffsetViewportOrgEx
GetStockObject
EndPath
GetDCOrgEx
GetTextMetricsA
SetBkColor
GetDeviceCaps
GetPixel
GetPaletteEntries
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 176KB - Virtual size: 176KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 79KB - Virtual size: 78KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ