f72bb51aac1912dbeb89a11f7dd4241b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f72bb51aac1912dbeb89a11f7dd4241b_JaffaCakes118
Size

37KB
MD5

f72bb51aac1912dbeb89a11f7dd4241b
SHA1

e3680162ea4c605eb3338004b015f04d933c1137
SHA256

a28a7e23027295a5242205802d198de62e6e6224c4639815cbf5bfff91a2278e
SHA512

433e842cd1460dd367dc633bd0f0446ee35a40be1da8c73322b1a6b37a494d140922c0b055d1ed58e25842d40cd66a885c31a5d48ac8b15ee14f44b694cd2c37
SSDEEP

768:G9tf1xInxWe+AaN6zA4hZBsEcX6FPwls9d2YVAob6KPX5+0iEtaUIz:4tr6xWeT/zA4h7sJqwa9d2YSAtwz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f72bb51aac1912dbeb89a11f7dd4241b_JaffaCakes118

Files

f72bb51aac1912dbeb89a11f7dd4241b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c08342a63666e276ccd76a2710dd42d2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

X:\icciJhfHYaB\GilfyUUDGJfJzi\wkjVdosXjmFn.pdb

Imports

msvcrt

_controlfp
strpbrk
__set_app_type
__p__fmode
__p__commode
_amsg_exit
strlen
_initterm
_ismbblead
_XcptFilter
iswalpha
_exit
swscanf
_cexit
__setusermatherr
__getmainargs

kernel32

GetComputerNameW
lstrlenA
GetModuleFileNameA
LoadLibraryA
SetPriorityClass
GetModuleHandleW
ExitThread
LoadLibraryExA
TerminateThread
GetFileType

gdi32

GetTextColor
SetTextAlign
CreateHatchBrush
GetNearestColor
GetCharWidth32W

shlwapi

ChrCmpIW

user32

GetDlgItemInt
ChildWindowFromPoint
GetDlgItemTextW
GetWindowDC
SetWindowRgn
LoadCursorW
ReplyMessage
IsCharUpperW

Exports

Exports

?CreateDlgMessage@@YGHPAXPADK|U

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.xyz
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE