df681274e87e04bcc88493f658cdb637_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

df681274e87e04bcc88493f658cdb637_JaffaCakes118
Size

71KB
MD5

df681274e87e04bcc88493f658cdb637
SHA1

2ce204f3a36fd06ea961dad6858a239a03881c82
SHA256

f978cf17b167fa6e3c1a16da070738ccc5d9885c1c26f79909ba4feda8938c93
SHA512

75efa9e965cf070cc508af8b35a317f068451dbc9f0d80be20aab15c1b6b32313ca333d310be8053ad496217bcddcb95d299dead3fc587e2dbf403a3d88aaadf
SSDEEP

1536:ZaCXlICUCMx7x4/F8zzYuk8BZqzASn13k/e9c2ZEu:YNp08zzY18BJSxZpr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
df681274e87e04bcc88493f658cdb637_JaffaCakes118

Files

df681274e87e04bcc88493f658cdb637_JaffaCakes118
.exe windows:3 windows x86 arch:x86

f44c106f901bb68b176c5f7d3180f78b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
DeleteCriticalSection
EnterCriticalSection
GetCommandLineA
GetCurrentProcess
GetCurrentProcessId
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetProcessHeap
GetSystemTimeAsFileTime
HeapAlloc
HeapDestroy
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedIncrement
LocalAlloc
LocalFree
MultiByteToWideChar
ReadFile
UnhandledExceptionFilter

user32

CreateWindowExA
DefWindowProcA
DestroyWindow
DialogBoxParamA
EndDialog
GetClientRect
GetDesktopWindow
GetFocus
GetParent
IsDlgButtonChecked
IsWindow
KillTimer
LoadCursorA
PeekMessageA
PostQuitMessage
SendDlgItemMessageA
SetCursor
SetFocus
SetForegroundWindow
SetWindowTextA

Sections

CODE
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BSS
Size: 37KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ