e0d35dad5ea56718d245de79e87f6861_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e0d35dad5ea56718d245de79e87f6861_JaffaCakes118
Size

171KB
MD5

e0d35dad5ea56718d245de79e87f6861
SHA1

b69d09072f8292e510d2924974b399e52d7bfd7c
SHA256

1b0265d749a3b325bc9521e2bc89d75871ed311bf87d94cbcac3ce80a0aa6abe
SHA512

34ec72b954fdd314daacdc889d01c00e2ad56a845448447911b7ddac91a12764a692d60b07a1df73f45e28a02738405d157d1a63c39345076d21bda3508d2524
SSDEEP

3072:ZK712WQlfCOX4uTCwdGJjl6/Ph2YD+chO1pWSphUPvqbG0hdLc3g6rIXf:Z8UWQlaszi9l6XhR6aovhmvqbGcdLcQL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e0d35dad5ea56718d245de79e87f6861_JaffaCakes118

Files

e0d35dad5ea56718d245de79e87f6861_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5171a30b065c1643103175036ab1c65a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

V:\kzgzi\oolSD\fhjRtnd\zAhzEy.pdb

Imports

comdlg32

ChooseColorW
FindTextW
PrintDlgExW

kernel32

GetCommandLineW
GetShortPathNameA
MoveFileExW
SizeofResource
IsValidLocale
FreeLibrary

user32

DefDlgProcA
GetAsyncKeyState
LockWindowUpdate
GetCursorPos
SetActiveWindow
InvertRect
TranslateMessage
MessageBoxA
FindWindowA
IsIconic
TranslateAcceleratorW
PostMessageA
IsRectEmpty

gdi32

Escape
GetDIBColorTable
PtVisible
LineTo
TextOutA
GetObjectA

comctl32

PropertySheetW
ImageList_Remove
DestroyPropertySheetPage

shlwapi

StrCpyW
PathMakePrettyW
IntlStrEqWorkerA
StrCmpNIW
PathCommonPrefixW

Exports

Exports

?JmwpfyTbOy@@YGPAFPAD@Z

Sections

.itext
Size: 512B - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA
Size: 139KB - Virtual size: 295KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CODE
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 87B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ