03cb91ad13dafec6daab32ba4e226cc8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

03cb91ad13dafec6daab32ba4e226cc8_JaffaCakes118
Size

109KB
MD5

03cb91ad13dafec6daab32ba4e226cc8
SHA1

54d1046120e420ee3e5e84d38e82a335e12a8a29
SHA256

5804278ab163feb9e85e95aa847280b17f6d1555af6f53b4fe7e88135d8f8eb8
SHA512

fd68babe8cd4f27b8f87b226ec15f21babef29f6fd95ed45fcd3d5cd20c5ece9461b1196f95c4865af79134fe20e6b7ae9ae0c772e9ae0cdf9bc87dff727e3ab
SSDEEP

1536:iq3HpQPS43EkXlthT0xYx3jGN7oYVV98NFt/y1LdgdIKLlC7eaKSOy9YK:LJQVhXRQoY0Ft/y9dYImlKer3oYK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03cb91ad13dafec6daab32ba4e226cc8_JaffaCakes118

Files

03cb91ad13dafec6daab32ba4e226cc8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

284dea8be8b45b650d8758933df95d31

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

G:\scoshCx\tNvj\TYgyfk.pdb

Imports

gdi32

SetLayout
SetPaletteEntries
GetDIBits
GetTextExtentPoint32A
SetBkMode
GetLayout
CreateRoundRectRgn

kernel32

SetThreadContext
GetHandleInformation
GetProcAddress
lstrcmpiW
GetTempFileNameA
WinExec
GetFileAttributesW
LCMapStringA
GetSystemDirectoryW
AddAtomW
SetHandleCount
FreeResource
RemoveDirectoryA
LoadLibraryW

user32

GetUserObjectInformationA
SendMessageTimeoutW
ShowScrollBar
CharUpperW
RegisterClassW
GetWindowLongW
RegisterWindowMessageW
GetFocus
SetActiveWindow
GetDCEx
GetWindow
CreateIconIndirect
GetPropA
BeginDeferWindowPos

Exports

Exports

?PisaGdjQsmvy@@YGFPAMPAM@Z

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 606B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.crt
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ