f6df582ea662346fe210961e9380e432_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f6df582ea662346fe210961e9380e432_JaffaCakes118
Size

100KB
MD5

f6df582ea662346fe210961e9380e432
SHA1

856d8205e715b24a92ad63320036d0287cd92f51
SHA256

07a4b38af4368153992d7575a8e5ddf1ab4132af04ca03c85135f7194e9ebefb
SHA512

9e4a46e06909e2c4724e9bef8e150f1c0bb4f0780b67ff1d222c88f4947094ee17c2942912f595ea302a836097abb30b12e759521d75aff602bf52495e82dd0e
SSDEEP

1536:8O/tKIpwD1m5Wlk5As9swdt2mTxDlCkKAlDw8m3Y6CY3w+5dAUEkzh:RHeD1mwlkm8zXVxCkTwbdXxdBN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f6df582ea662346fe210961e9380e432_JaffaCakes118

Files

f6df582ea662346fe210961e9380e432_JaffaCakes118
.exe windows:4 windows x86 arch:x86

528c93779840c6a7cc5ddc1a0c8bda85

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
GetThreadSelectorEntry
HeapUnlock
ExitProcess
GetStartupInfoA
GetProcessHandleCount
OpenSemaphoreA
EnumSystemCodePagesA
_lcreat
ExitThread
GlobalMemoryStatus
SuspendThread
VirtualAllocEx
GetProcessPriorityBoost
WriteFile
GetProfileSectionA

user32

DlgDirListComboBoxA
RegisterWindowMessageW
RealGetWindowClass
AlignRects
SetLayeredWindowAttributes
SetLastErrorEx
EnableScrollBar
SendNotifyMessageW
OpenWindowStationA
ScrollChildren
MoveWindow
CallWindowProcA
DrawStateA
GetInputState

gdi32

LineTo
StretchBlt
DeleteObject
PatBlt

Exports

Exports

Lhmyiqv
Nwqmmkdc

Sections

.textbbs
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 88KB - Virtual size: 311KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ