Static task: static1
Behavioral task: behavioral1
Sample: de97de84a4f446826398da422f461b65_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: de97de84a4f446826398da422f461b65_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: de97de84a4f446826398da422f461b65_JaffaCakes118
Size: 171KB
MD5: de97de84a4f446826398da422f461b65
SHA1: 0786d82fbec23f691e3c6e860946bd353fdf651c
SHA256: 96bc32010b3629f9d0b00a6a7c722f76de1db185ba97c23a2609c6953352d2c6
SHA512: 6b3ab80363bad0207d60019f692a1c2af8a6d1d0cb523b89d0b6efccc6ba66266cc15488d2d83fc19786de337e1cbf9519ce875f58f0840945312a586ed5db7b
SSDEEP: 3072:D2nDlZa2Y3xgdEMDpwAXYmwkaeKYv3tBYWKPrirLl/u2mq4qMd:DqG2YF8pHX5w2PtO6LIr
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource de97de84a4f446826398da422f461b65_JaffaCakes118
Files
de97de84a4f446826398da422f461b65_JaffaCakes118.exe windows:4 windows x86 arch:x86
45c69d12f709473339c1110fff3d20d3
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
HeapFree
GetSystemTimeAsFileTime
HeapDestroy
GetCurrentProcessId
IsBadWritePtr
SetLastError
HeapAlloc
VirtualAlloc
VirtualQuery
QueryPerformanceCounter
EnumSystemLanguageGroupsW
GetWriteWatch
TlsAlloc
VirtualFree
HeapReAlloc
HeapCreate
TlsFree
shell32
SHGetMalloc
SHChangeNotify
SHGetPathFromIDListW
shlwapi
PathAddBackslashW
winmm
mciSendCommandA
oleacc
CreateStdAccessibleObject
AccessibleChildren
user32
GetWindow
DestroyIcon
SetWindowTextA
LoadStringA
CreateWindowExA
LoadImageA
GetDlgItem
GetParent
Sections
.text Size: 83KB - Virtual size: 83KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 397KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 84KB - Virtual size: 84KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ