03a81ae5ff485306eac48b88de23ed0a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

03a81ae5ff485306eac48b88de23ed0a_JaffaCakes118
Size

71KB
MD5

03a81ae5ff485306eac48b88de23ed0a
SHA1

9042de784cff6fa06b089cc74702c7c3a6e2e9b9
SHA256

e55ce675dfb887354b07161d22f3daba7dfde90c565baec9827abe89cc071771
SHA512

8a33e88c8b18cf0288a146a3eeda52f009dec9868bee6d00e5f9b68a667bb99504958cbb18b0b030848ebc02c0ead99bcb072f813ee97a6597d75d71ebcc3ca8
SSDEEP

1536:+7J6kO2LrzhQVgVLqlZQvwBTLcsM6R5Tfqtof1u86nLlU:+cqhd1A3csM6rqto9any

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03a81ae5ff485306eac48b88de23ed0a_JaffaCakes118

Files

03a81ae5ff485306eac48b88de23ed0a_JaffaCakes118
.exe windows:3 windows x86 arch:x86

1af209903e6a5fd296c57a37d4e357d3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateThread
DisableThreadLibraryCalls
GetCommandLineA
GetCurrentProcessId
GetCurrentThreadId
GetModuleHandleA
GetProcAddress
GetProcessHeap
GetVersionExA
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
LeaveCriticalSection
LocalFree
QueryPerformanceCounter
ReadFile
UnhandledExceptionFilter
VirtualAlloc
lstrlenA

user32

BeginPaint
DestroyWindow
DialogBoxParamA
DispatchMessageA
EnableWindow
EndDialog
GetDC
GetDlgItem
GetParent
GetWindowLongA
IsWindow
KillTimer
LoadIconA
PeekMessageA
PostQuitMessage
ReleaseDC
SendDlgItemMessageA
SetDlgItemTextA
SetFocus
SetForegroundWindow
SetWindowLongA
SetWindowTextA
ShowWindow
TranslateMessage

Sections

CODE
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BSS
Size: 37KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ