f627e75597c617cf2a063dabbd03df82_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f627e75597c617cf2a063dabbd03df82_JaffaCakes118
Size

54KB
MD5

f627e75597c617cf2a063dabbd03df82
SHA1

6526a3a3b26a03f7f751fb3bb753d8d5741340a0
SHA256

cf5a2c4316b9f33248a45c0ad9c37099c3cd53679554e5c16c5c770dadc43596
SHA512

bdad5b0aa1db3e246039afcd095b1d6f2d62492ea09077f59d51d9fab464bcb79baf0dda3bddc1ea7819d5d56aa316c5a1c49f60689f73374ec326a842bc06de
SSDEEP

768:moE5+Nd3NXvyk+8h5kT25QSyWzeG6235qp028UDU/NtKSiWhqqY:mp+Nd3NXvXtkK5rvzeYF2hU/iSV4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f627e75597c617cf2a063dabbd03df82_JaffaCakes118

Files

f627e75597c617cf2a063dabbd03df82_JaffaCakes118
.exe windows:4 windows x86 arch:x86

43282be75d2c8ee85a9b8b8a6af46dad

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
IsBadReadPtr
TlsGetValue
CreateEventA
FreeEnvironmentStringsA
GetLastError
CreateFileMappingA
LocalLock
LoadLibraryExA
GetFullPathNameA
CloseHandle
LocalUnlock
IsDebuggerPresent
FindClose
GetACP
GetModuleHandleA
CreateFileA
LocalFree
HeapCreate
GetConsoleCP

user32

SetFocus
EmptyClipboard
GetIconInfo
GetDC
IsWindow
GetDlgItem
PostMessageA
DefWindowProcA
CreateDialogParamA
GetMessageA
DispatchMessageA
ScrollWindow
EndDialog
DrawIconEx

msasn1

ASN1BERDecCheck
ASN1BEREncLength
ASN1BERDecBool
ASN1BERDecEoid
ASN1BEREncFlush

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ