f6225df6ea720e3cfd69355c2c2208af_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f6225df6ea720e3cfd69355c2c2208af_JaffaCakes118
Size

815KB
MD5

f6225df6ea720e3cfd69355c2c2208af
SHA1

7c1620552c64116b90aa90dc90011ebe35eacf88
SHA256

69cc4c777dc41bf916e179229ae5fc06a6e801c2b805db1b3f64b49755b090ab
SHA512

451a73c9f908349e5c2c5f03e96c4fc649126eee7471030d1a4e5aa1189d94b49f5d5486b0ecbe0eb550e54b1a2ebfc10263544981c53ac787fa56d65697d37f
SSDEEP

24576:9+o/SjOG7mn19Vz/EuidfSX1OElEj2aAFRe1:9N07mn1zAJdfewXSa4e1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f6225df6ea720e3cfd69355c2c2208af_JaffaCakes118

Files

f6225df6ea720e3cfd69355c2c2208af_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c970c8da4e09c2f0e200faff27b9b80d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFree
CreateFileA
LoadLibraryExA
GetCalendarInfoA
LocalLock
FreeEnvironmentStringsA
CloseHandle
Sleep
GetLastError
WaitForMultipleObjects
GetACP
GlobalUnlock
FindClose
TlsGetValue
CreateFileMappingA
FindAtomA
HeapCreate
GetConsoleAliasA
GetModuleHandleA
GetConsoleCP

user32

FillRect
DispatchMessageA
CheckRadioButton
DrawEdge
GetDC
IsWindow
CascadeWindows
DrawTextA
GetDlgItem
DefWindowProcA
SetFocus
GetIconInfo
CallWindowProcA
MessageBoxA

setupapi

SetupCloseLog
SetupCloseInfFile
CMP_Report_LogOn
CM_Add_IDA
CM_Add_Range

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ