fd54f2e6588c6dbb432453b6e996577d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fd54f2e6588c6dbb432453b6e996577d_JaffaCakes118
Size

169KB
MD5

fd54f2e6588c6dbb432453b6e996577d
SHA1

1ff7c52bb30c2cd964394121eb9c93390870f381
SHA256

5f3aa7f659becd1708ee3ee4408e04084fd1ed04a7ed2d3d44f65a36c11fe494
SHA512

7667757fa97eb928d6acc645f50da4648004fb738f09240b588cea27ee31d18ba1f1bf8870063fbf82ede32cae60a94c9529852de69167b82f9bfd144cb2ad8d
SSDEEP

3072:N4AE0OUh29HB4F+9xSxRXNczM3sCjBv+uBgBe2psGyQnsCb66okNfb+7xO2Co:N4h0OUNF+9GRXCQTF6psTrq9okNfaF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd54f2e6588c6dbb432453b6e996577d_JaffaCakes118

Files

fd54f2e6588c6dbb432453b6e996577d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a021f5a000367c044433ea035a6f5d5e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

X:\rMswiq\pSaZklt\gcsvK\tqculfb\wsKKU.pdb

Imports

comctl32

CreateToolbarEx
ImageList_LoadImageW
ImageList_GetIcon

ntdll

_strlwr

shlwapi

PathMatchSpecA
StrSpnA
PathStripToRootA
PathCommonPrefixW
StrCmpNIA

user32

SetDlgItemTextW
GetDlgItem
CharToOemA
EnableWindow
EndPaint
GetSubMenu
DrawAnimatedRects
EqualRect
IsCharLowerA
MessageBoxA
CreateDialogIndirectParamW
InSendMessage
MapVirtualKeyW

kernel32

EnumResourceLanguagesA
CreateNamedPipeW
GlobalDeleteAtom
CompareStringA
HeapAlloc
ExitProcess
lstrcmpiA

gdi32

StartDocW
PtVisible
CreateBitmap
CreateICW
GetTextColor
ExtTextOutA

Exports

Exports

?fAjpbrdSqnFQdbfOlnvrcf@@YGJHPAG@Z
?csQnzoLcfeiengGy@@YGNPAD@Z

Sections

.itext
Size: 512B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA
Size: 138KB - Virtual size: 294KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CODE
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ