007627f2a69ac2e9a056d728f47d41e6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

007627f2a69ac2e9a056d728f47d41e6_JaffaCakes118
Size

92KB
MD5

007627f2a69ac2e9a056d728f47d41e6
SHA1

cc6a39601ec7a2593d3c3b816d6cd74a88210728
SHA256

ba04e416be3c37438736fabc88faa7bf9e5e1afa7757bd88481d93e41f81770e
SHA512

45ac25d1731e7d12d19390cfe9d53ad21d268ef306535b8b7cfeb2a28fbb3f1e7d0053fa2674ad76096ac98bba731722573ca68cec90f32a28852152648c1323
SSDEEP

1536:IIE8mX6i5U5qiPWfqKsW4Gjra98zZigvSdWI3Ddy6eQm3HIfgS21jAy:a89yser08zwESdXs1HIfgX1jA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
007627f2a69ac2e9a056d728f47d41e6_JaffaCakes118

Files

007627f2a69ac2e9a056d728f47d41e6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

78ab3d83c692c594ec269100627382c2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

FindTextA

user32

GetKeyState
ReleaseCapture
PostMessageA

kernel32

LocalShrink
QueryDosDeviceW
LocalFlags
HeapCreate
WideCharToMultiByte
CallNamedPipeW
CloseHandle
ConvertThreadToFiber
CreateSemaphoreW
EnumSystemCodePagesA
EnumSystemLocalesA
ExitProcess
FoldStringW
GetACP
GetCommandLineA
GetModuleHandleA
GetOEMCP
GetPrivateProfileIntW
GetStartupInfoA
GetVersionExA
HeapAlloc
TlsFree

ole32

CoTaskMemAlloc
CoGetMalloc
CreateAntiMoniker
StringFromGUID2
CoFileTimeNow
CoCreateInstance
CoCreateGuid
CoBuildVersion
CoTaskMemFree

dbghelp

UnmapDebugInformation
SymRegisterFunctionEntryCallback
SymRegisterCallback64
SymGetSymFromName64

comctl32

ImageList_DrawIndirect
ImageList_Draw
ImageList_BeginDrag

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ