f7212e3fa0a46a028b8c6c4bf58b43a7_JaffaCakes118 | Triage

Sharing

General

Target

f7212e3fa0a46a028b8c6c4bf58b43a7_JaffaCakes118
Size

813KB
MD5

f7212e3fa0a46a028b8c6c4bf58b43a7
SHA1

0abc1a0560968144125d5af9645588e87d4a64f1
SHA256

cdd912a6a01e6d7d1a40203747aa139ef179792af3fff32ae5d2ed732566a13b
SHA512

61c5001bd0d3114d0349f85bde90bfe726396fd3fce9ddca8fe49c8192c3dc4ae7ea55d590882b663c3d7f905a8e883882a28b010d3c1cfb73bbaf1057d90455
SSDEEP

24576:6oTd+AnCF00DY+AYqc2haMirIvXV1ubbQ:66d+tzY+f2A5IvXVuQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f7212e3fa0a46a028b8c6c4bf58b43a7_JaffaCakes118

Files

f7212e3fa0a46a028b8c6c4bf58b43a7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d3ba839c8ec69cd19816f34f8dd309ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetLastError
CreateFileA
IsDebuggerPresent
CloseHandle
CreateFileMappingA
GetACP
FreeEnvironmentStringsA
IsBadReadPtr
TlsGetValue
WaitForSingleObject
GetStdHandle
LocalLock
LocalUnlock
HeapCreate
FindClose
CreateEventA
LocalFree
GetConsoleCP
LoadLibraryExA

user32

GetMessageA
EmptyClipboard
CreateDialogParamA
DefWindowProcA
ScrollWindow
GetDlgItem
PostMessageA
DispatchMessageA
GetIconInfo
IsWindow
EndMenu
SetFocus
GetDC
DrawIconEx

msasn1

ASN1BEREncLength
ASN1BEREncFlush
ASN1BERDecEoid
ASN1BERDecBool
ASN1BERDecCheck

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ