Static task
static1
Behavioral task
behavioral1
Sample
f6cc232776fc3640b0b0de04d4528816_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
f6cc232776fc3640b0b0de04d4528816_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
f6cc232776fc3640b0b0de04d4528816_JaffaCakes118
Size
179KB
MD5
f6cc232776fc3640b0b0de04d4528816
SHA1
15bb940f341560254188fe3ae0c6448d3d35c302
SHA256
e56a21fefd2013ed655dc478c30406a1004fd49fe8b55cc4e400208875e81b03
SHA512
ba1af4d875935385dca987166c1af0719a23e73de642d712323e7f54e20a646bc87488bf5cb03d47b8a0c72f2bef09a70c30ca73c39560dd900a144ac0c9c935
SSDEEP
3072:Dz2KVg5yFIX4L+Q0rT1HaGHTtHTPSgELuA2iHmS8F8TEel:n2bYY4SrAGzlzSgE52amNFo
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f6cc232776fc3640b0b0de04d4528816_JaffaCakes118
Files
f6cc232776fc3640b0b0de04d4528816_JaffaCakes118.exe windows:4 windows x86 arch:x86
a4cd31723fdebba446ed50bc6ae19357
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetShortPathNameA
GlobalFree
GetCurrentProcessId
GetFileInformationByHandle
CreateFileW
LoadLibraryW
GetProcAddress
EnumResourceTypesW
ExitProcess
GetModuleHandleW
CloseHandle
UnhandledExceptionFilter
GetCurrentThreadId
GetLastError
GetVersionExW
msvfw32
ICOpen
ICClose
ICSendMessage
ICDecompress
user32
AdjustWindowRectEx
PostMessageW
GetWindowPlacement
SetRectEmpty
GetClientRect
InvalidateRect
SetCursor
FillRect
advapi32
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteKeyW
RegCreateKeyW
RegCloseKey
RegSetValueW
Sections
.text Size: 108KB - Virtual size: 107KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 67KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 1024B - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ