f977623accd8760c0cd5106aea76a24b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f977623accd8760c0cd5106aea76a24b_JaffaCakes118
Size

88KB
MD5

f977623accd8760c0cd5106aea76a24b
SHA1

049790ecc143392573080ef99342286257586d51
SHA256

1e3e886428c38d264b6f760aba0e6b916d940524d98322ab4ed49ab3ee45a8b2
SHA512

6c9a64059c453582b0636d6cd2ff2a3949536e755e45507c2e9ee0cc798a1e4a2d32b383db39c693b495e4d1e770146184e74748349f22a2f087e6367d49b420
SSDEEP

1536:tRwW80Wsb+792gvcJ+OEw8hWaYlCR2PH2lCvXgzcX8C9oK8Yr098eetI:tRjXcQakFE3WaYYR2PH26XgzcX808JeS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f977623accd8760c0cd5106aea76a24b_JaffaCakes118

Files

f977623accd8760c0cd5106aea76a24b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ed63d8b6d93c1601d8324c1e1aef1168

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SwitchToThread
ExitThread
GetQueuedCompletionStatus
VirtualProtect
LoadLibraryA
GetModuleHandleA
CreateMutexW
VirtualFree
GetDiskFreeSpaceExA
VirtualAlloc
GetTempPathW
SetErrorMode
GetPrivateProfileStructW

msvcrt

memcpy
_lsearch
iswcntrl
??1bad_typeid@@UAE@XZ
_ismbcl0
wcscoll
_ismbchira
_getws

comdlg32

GetSaveFileNameW
FindTextA
LoadAlterBitmap
ChooseColorA
ChooseFontW
dwLBSubclass
GetOpenFileNameW
PageSetupDlgW
PrintDlgExA
GetOpenFileNameA

winmm

auxGetNumDevs
mciGetDeviceIDW
mciGetErrorStringW
mixerGetID
joyReleaseCapture
mixerGetLineControlsA

opengl32

glNormal3bv
glStencilOp
glVertex3f
glRasterPos4s
glGetTexEnvfv
glTexGeniv
glPrioritizeTextures
glRasterPos4iv
glVertex3sv

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ