0489d3f6c434904c7f17d0305160bffb_JaffaCakes118 | Triage

Sharing

General

Target

0489d3f6c434904c7f17d0305160bffb_JaffaCakes118
Size

769KB
MD5

0489d3f6c434904c7f17d0305160bffb
SHA1

08504d9fd54200c2c88fe5d6e2273d2dc9eb97ae
SHA256

d65277fef74a94a9117faff99a3eb21757addbf62bd6b66c09ea95bbdbdc2a7f
SHA512

16d6635d2cd275ca9ceb6a9f42fce0418efce17fe3606d1acba418f559a6aa9c6216b1988aa53793a869be4f8dbdabc4f9fd20a110658eaf33bc3039ffa8564d
SSDEEP

12288:BW57+tRwhctjylFKtcltvD5irWJB4ZJkXFeq4vFzXCAXZiy2WvJwuH/g:M0tRwh6mXPsav4ZJkgq4d7Tsy2WvJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0489d3f6c434904c7f17d0305160bffb_JaffaCakes118

Files

0489d3f6c434904c7f17d0305160bffb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9b54993b17b5e360da223abb2f75a0d6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
GetTickCount
GlobalFlags
Sleep
GetModuleHandleA
GetFileTime
GetDriveTypeW
GetExitCodeProcess
WriteFile
GetModuleFileNameW
GetConsoleTitleA
GetStartupInfoA
FindClose
GetCommandLineA
DeviceIoControl
HeapCreate
CloseHandle
CloseHandle
GlobalSize
lstrlenA

user32

LoadImageA
DestroyWindow
DrawTextW
BeginPaint
DispatchMessageA
GetWindowLongW
DestroyMenu
CallWindowProcW
GetParent
DispatchMessageA
FillRect
PeekMessageA
IsZoomed

eapqec

InitializeQec
InitializeQec
InitializeQec
InitializeQec

imagehlp

ImageUnload

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 762KB - Virtual size: 761KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ