f981cfafe0bc47066ad0371b86983ad6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f981cfafe0bc47066ad0371b86983ad6_JaffaCakes118
Size

63KB
MD5

f981cfafe0bc47066ad0371b86983ad6
SHA1

37008eeeab2ccc73d542be2407f4847f0a5d133a
SHA256

9c91bf5a083c9c462d8ad050a03c714c473b499c877875db2dd3e22ac26c7472
SHA512

9dde96185776c8068c010dc2d1388aa79c0b8be6b457bedaf0e46cc69e82eee3453090bc38d1c814ecd2f4722aaaa2420150bf2db539e2ebf9b05eacda878b86
SSDEEP

1536:/VNCBe5SPg3OpydRAwGO2vywOO2YlwBkayqyFA37LS:db5SPByrlOawL69yqyFALm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f981cfafe0bc47066ad0371b86983ad6_JaffaCakes118

Files

f981cfafe0bc47066ad0371b86983ad6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

98ae6977a137c0cf8f50222473beb229

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_DragShowNolock
ImageList_Draw
ImageList_DrawEx
ImageList_Remove
ImageList_Read
ImageList_Create
ImageList_GetBkColor
ImageList_Destroy
ImageList_Add
ImageList_Write

gdi32

GetObjectA
CreateCompatibleDC
CreateCompatibleBitmap
CreatePenIndirect
GetBkColor
GetTextAlign
CreateBitmap

user32

SetClipboardData
SetClassLongA
SetActiveWindow
SetCapture
OpenIcon
GetDesktopWindow
LoadBitmapA
SendMessageW
CreateMenu
GetMenu

shell32

SHGetDesktopFolder
SHGetFolderPathA

kernel32

IsBadHugeReadPtr
FindResourceA
FreeResource
LoadLibraryA
FindFirstFileA
VirtualAlloc
ExitThread
FormatMessageA
FreeLibrary
FindClose

Exports

Exports

I9VYXO3@24
CMImP
_f2sNuV4cyrd

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ