028e8dfe9a3603a97cc0d39b6b655ca2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

028e8dfe9a3603a97cc0d39b6b655ca2_JaffaCakes118
Size

103KB
MD5

028e8dfe9a3603a97cc0d39b6b655ca2
SHA1

21b01977d108a9c2d4c4460f8a8bc9972877504c
SHA256

edac521bcc0ec5ecba872fe3cb2dc8d2bccb1cd7b4dc8f95b5c8bf1235ed94a6
SHA512

85d0811c5c0f94f8a9a8cb2646fc0ac386c4c5e7fdad87ccd97febc95c87ac9da5b0dace053b6e0a94e4cac028b3623be652cd6d00195a0b74fcc9325c258aec
SSDEEP

1536:fLnoRnGm56gy2Xbpk7UY92NAph+vfNVlyQkBAy1OknLC:fOnGm5677UGTIfMhlnLC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
028e8dfe9a3603a97cc0d39b6b655ca2_JaffaCakes118

Files

028e8dfe9a3603a97cc0d39b6b655ca2_JaffaCakes118
.exe windows:3 windows x86 arch:x86

d936f20064f343909600ce85c621c3a0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetProcessHeap
GetTickCount
GetVersionExA
HeapDestroy
HeapFree
InterlockedDecrement
LoadLibraryA
LocalFree
MultiByteToWideChar
QueryPerformanceCounter
ReadFile
Sleep
UnhandledExceptionFilter

user32

CreateWindowExA
DestroyWindow
DialogBoxParamA
EnableWindow
EndDialog
EndPaint
GetDesktopWindow
GetFocus
GetParent
GetWindowLongA
GetWindowRect
InvalidateRect
PeekMessageA
PostQuitMessage
SendDlgItemMessageA
SetDlgItemTextA
TranslateMessage

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ