ff1038076b6df50219cd537ce1079ee5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ff1038076b6df50219cd537ce1079ee5_JaffaCakes118
Size

50KB
MD5

ff1038076b6df50219cd537ce1079ee5
SHA1

7483f017b4f229f772e0badd65ea9a5aa97c2ad9
SHA256

35bba64de05b98016669de33d221e344794581b5a6b1800b7921f8d6fa709259
SHA512

23cc92f734c724ff8e30a90446cd244f846507b80d3c3db5b40e0844a6e525b121dfd1d26f911f62abc8082185b2fd14c8b0aa1e2e2397664a88872bb1e772b4
SSDEEP

768:Y17oCnTKqK4xCFui32GJkeQKl9WoxOksIEPQHrvep7kP8Emuc2l315JnC:YFK4kFug2GJrQKD1vlbIo5JnC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff1038076b6df50219cd537ce1079ee5_JaffaCakes118

Files

ff1038076b6df50219cd537ce1079ee5_JaffaCakes118
.exe windows:3 windows x86 arch:x86

8c591537441a5a52286e00fc96b428e5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
DeleteCriticalSection
EnterCriticalSection
GetCommandLineA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetProcessHeap
HeapAlloc
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
LoadLibraryA
QueryPerformanceCounter
ReadFile
SetLastError
VirtualAlloc

user32

BeginPaint
DispatchMessageA
EndDialog
EndPaint
GetCapture
GetDlgItem
GetFocus
GetKeyboardType
GetSystemMetrics
IsChild
IsDlgButtonChecked
IsIconic
PostMessageA
SendDlgItemMessageA
SetForegroundWindow
SetWindowTextA
ShowWindow
TranslateMessage

Sections

CODE
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BSS
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ