Static task: static1
Behavioral task: behavioral1
  Sample: fad420ebe299ea78d2995f714ce972ad_JaffaCakes118.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: fad420ebe299ea78d2995f714ce972ad_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
General
Target: fad420ebe299ea78d2995f714ce972ad_JaffaCakes118
Size: 258KB
MD5: fad420ebe299ea78d2995f714ce972ad
SHA1: e4abeda22567b8a4d78c4a259c54ef790d8bd134
SHA256: 40ccdea4c564a1149e81aaab8e3ed9a32d68a3cda276d068bc6b6ecd6c265377
SHA512: 1440ec03a1b8eda1831ef105c7aa72b8b5e988c261ff2ba21bf57025fc0bcbe3cd1633ef935ae8cbb93732aa6d5ef5c20097d5917fd2fe23841b40e8bf7e8d52
SSDEEP: 6144:baHJQFQlXE9VhN+1kgd+xpniSidBbmpuM4:bayKXCYmbniSiHM
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fad420ebe299ea78d2995f714ce972ad_JaffaCakes118
Files
fad420ebe299ea78d2995f714ce972ad_JaffaCakes118.exe windows:4 windows x86 arch:x86
dc7142911f5a8483630e5397ced529e8
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
comctl32
InitCommonControls
user32
GetInputState
GetDesktopWindow
GetMessagePos
CharNextA
kernel32
DeleteFileA
DeleteFileW
MulDiv
GetProcessHeap
GetCurrentThreadId
GetCurrentThread
lstrcmpiW
VirtualAlloc
GetLastError
GetCurrentProcessId
lstrcmpiA
lstrlenW
GetConsoleOutputCP
GetCommandLineW
GetThreadLocale
GetTickCount
gdi32
SetViewportOrgEx
SetBkColor
SetColorSpace
GetPixel
SetMapMode
BeginPath
UnrealizeObject
EndDoc
EndPath
LineTo
ExcludeClipRect
SetBrushOrgEx
OffsetViewportOrgEx
MoveToEx
Sections
.text Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 1014B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 175KB - Virtual size: 174KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 78KB - Virtual size: 78KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ