f639668e182b035c14f5d9199904c392_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f639668e182b035c14f5d9199904c392_JaffaCakes118
Size

131KB
MD5

f639668e182b035c14f5d9199904c392
SHA1

61d220ae6ad43ef1bee9cfb6123a2efddb2bd87c
SHA256

bf38e83d74a7b5b31b3fb16196b80d387257d6eb05e91d282f444023b692ae1f
SHA512

0253a2e985ec6d6b1964ed35653e723b2b37c4f9bb7c229ecbbba906fa7c655816176c790db3db22a5936385501c995b3ce7b56484408fe0257acb6f36ec8061
SSDEEP

3072:CB/vw2Ao/C+v7qpC6WzYLgveCPq7KxXA0NxBiG4rW9m3kCz8u7r:mO+vOp7Ual09iG4r0m3F8Qr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f639668e182b035c14f5d9199904c392_JaffaCakes118

Files

f639668e182b035c14f5d9199904c392_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1408997870fa35398a69003025b387f1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadImageA
DestroyWindow
LoadStringW
CharNextA
MessageBoxW
GetSystemMetrics
LoadIconA
UnregisterClassA
CharNextW

clusapi

CloseCluster

shlwapi

PathAddBackslashW

kernel32

lstrlenA
GetEnvironmentVariableA
InterlockedExchange
QueryPerformanceCounter
GetSystemTimeAsFileTime
SetLastError
SizeofResource
SetFilePointer
GetCurrentThreadId
GetLastError
RaiseException
MultiByteToWideChar
LoadResource
GetModuleHandleA
LocalAlloc
LeaveCriticalSection
InterlockedCompareExchange
GetTickCount
EnumResourceNamesW
lstrlenW
GetCurrentProcessId
GetStartupInfoA
EnterCriticalSection
ExitProcess
lstrcmpiA
FindResourceExA
GetModuleFileNameA
FindResourceA
CreateProcessA
WideCharToMultiByte
GetVersionExA
TerminateProcess
Sleep
LockResource
GetCurrentProcess

Sections

.text
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rscr
Size: 512B - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ