Static task
static1
Behavioral task
behavioral1
Sample
001bdb0b8fe6698712b0d577860e02c6_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
001bdb0b8fe6698712b0d577860e02c6_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
001bdb0b8fe6698712b0d577860e02c6_JaffaCakes118
Size
25KB
MD5
001bdb0b8fe6698712b0d577860e02c6
SHA1
e68633acbda218477c78b6f3d90176fad31dcc6a
SHA256
b27bea87b52e47ac931872317a8231f60ec86b6748ca6e1debb0b73dca7f98ad
SHA512
cb283b32ef1bb350f5b99400a444c09e17e58b634f1536a5b4bcf36b2552fdad1d0b541b6d2ce9e275e873bd26337a4d864600041af8d3cce78fb7d49bdd38c2
SSDEEP
384:O8acR7sMZe6hOMBFuSXeC0eXwZ1C8wszmFSrRWiyyvm2GmeJJp:JRZXu2eC0ei1C1sqSrMiyR2GmeJJp
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 001bdb0b8fe6698712b0d577860e02c6_JaffaCakes118
Files
001bdb0b8fe6698712b0d577860e02c6_JaffaCakes118.exe windows:4 windows x86 arch:x86
62f16dcca83c6c8db3641c470469faab
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
gdi32
GetStockObject
user32
LoadCursorA
LoadIconA
MessageBoxA
MoveWindow
PostQuitMessage
RegisterClassExA
GetWindowTextA
SetFocus
SetForegroundWindow
SetWindowLongA
ShowWindow
TranslateMessage
UpdateWindow
GetSystemMetrics
GetMessageA
GetClientRect
GetClassNameA
EnumWindows
DispatchMessageA
DefWindowProcA
CreateWindowExA
CallWindowProcA
SendMessageA
kernel32
GetCommandLineA
VirtualProtect
GetTickCount
GetModuleHandleA
ExitProcess
comctl32
InitCommonControls
msvcrt
atoi
Sections
.text Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 986B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 17KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ