fce9180eff69d68eada774da703cec45_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fce9180eff69d68eada774da703cec45_JaffaCakes118
Size

248KB
MD5

fce9180eff69d68eada774da703cec45
SHA1

6635494574e885c7b7bc6047958dc86e425a6b08
SHA256

7a05967a2d2214dd66e7648a333dc7f17d92918610feb059ebed921db6ed3128
SHA512

73738ae18e523e080ad5b7344005b85047589352841bc88e4f2c7749b2fd5318a0678de7f898821ad003bc097fc13da1ef92b9531814d9e7e068fadf8cb4bcd3
SSDEEP

6144:KtD5JaZBcFjZohG1JGSSpdZZGm9cYcESh:Q8BcFuhG1UvZZNhSh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fce9180eff69d68eada774da703cec45_JaffaCakes118

Files

fce9180eff69d68eada774da703cec45_JaffaCakes118
.exe windows:4 windows x86 arch:x86

126d378a29c79a164a3bcc663cfee5e3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsDBCSLeadByteEx
DeleteFileW
ScrollConsoleScreenBufferA
GetWindowsDirectoryA
CancelIo
ReadFileScatter
FoldStringW
OpenProcess
GetDateFormatW
ReadConsoleOutputCharacterW

user32

ChildWindowFromPointEx
DestroyCaret
DialogBoxParamW
GrayStringW
IsWindowEnabled
CreateWindowStationA
LoadCursorA
EqualRect
EnumPropsA
ScreenToClient
DdeDisconnect
TrackPopupMenu
SendNotifyMessageW

gdi32

CloseMetaFile
DeleteDC
GetStockObject
SetPixelV
ExtFloodFill
GetBitmapDimensionEx
GetICMProfileA

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 172KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data0
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE