e18d03f322746113a307ae4e5c454fe6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e18d03f322746113a307ae4e5c454fe6_JaffaCakes118
Size

108KB
MD5

e18d03f322746113a307ae4e5c454fe6
SHA1

6f72c7aaf4a0bd00e90ede187c5278f85a2631c9
SHA256

0de08ec573198ab3a9c90617bf5d1e51b3462b7ce973cfc8dd359ee08d828831
SHA512

b8cf66b5946b3307fdca1c74a35305bbf88cd6480133dc7caf5f209c4682e1464e25968c61b373a1be04bac576b0f9b0ecf8dbd6e5168bfa930e2c3dc1879dc8
SSDEEP

1536:Z6JXTGSEK2QFnltfBz+/3ad2MK0+NWwChD+YeLwxL3Sm/QPA2WDG709HKG:Z6Jj8uNl6/3Y84+YeL4pQPA2n0ZKG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e18d03f322746113a307ae4e5c454fe6_JaffaCakes118

Files

e18d03f322746113a307ae4e5c454fe6_JaffaCakes118
.exe windows:5 windows x86 arch:x86

550c2d93ef1dd44367b6c09d74bd9055

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

O:\bIelueKfxgzqg\esJuBuhdoLlEp\MOqrvwCxhAmbVp\SxOfzjjTfc\rCRfnHaw.pdb

Imports

gdi32

CreateCompatibleDC
GetCharWidth32W
OffsetRgn
CreateHalftonePalette
StartPage

shlwapi

ChrCmpIW
UrlGetLocationW

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
time
_amsg_exit
_initterm
memset
rand
_ismbblead
_XcptFilter
_exit
_cexit
__setusermatherr
__getmainargs

kernel32

GetModuleFileNameA
lstrcmpiW
LoadLibraryA
DeleteFileA
LoadLibraryExA
lstrcpyW
GetComputerNameW
lstrlenA
AreFileApisANSI

user32

LoadCursorW
DestroyWindow
RemovePropW
GetDC
SetWindowPos
wsprintfW
SetForegroundWindow
GetScrollInfo

Exports

Exports

?CreateDlgMessage@@YGHPAXPADK|U

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idir
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 77KB - Virtual size: 207KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE