04b5064e6db5d2194bb9ce9b39bf3963_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

04b5064e6db5d2194bb9ce9b39bf3963_JaffaCakes118
Size

212KB
MD5

04b5064e6db5d2194bb9ce9b39bf3963
SHA1

459ecedeec89cf098a65a181a5c6292b7ac44b3c
SHA256

777be730b6229c3eadee7f280fa623f9b1bb792fc9557e5d101290f1c3bdc7b8
SHA512

578603b5459deef6c4aa54051ce98098f2acf2be0943d58f0702fd4af47be8ba0af34f73871fa23c39aa1173be3545aea690d94bc8a1ed595ff502d3d9b6b101
SSDEEP

6144:MnGct+VcGPAMNQ+R71YYYUtBw58aEPAcVx:Mn9GPBQQ71Lzw2aMHx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04b5064e6db5d2194bb9ce9b39bf3963_JaffaCakes118

Files

04b5064e6db5d2194bb9ce9b39bf3963_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9f2cd651e7cabd4762ec638d5598aabb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

BeginPaint
WindowFromPoint
EndPaint
IsWindowVisible
IsWindow
LoadIconA
LoadCursorA
RegisterClassExA
SetWindowTextA
CreateWindowExA
ShowWindow
UpdateWindow
GetMessageA

gdi32

SetRectRgn
FrameRgn
GetTextColor

kernel32

GetDateFormatA
GetLastError
GetThreadLocale
SetFileAttributesA
GetTickCount
GetEnvironmentStrings
InitializeCriticalSection
EnterCriticalSection
LoadLibraryA
GetProcAddress
GetStartupInfoA
RtlUnwind
GetPrivateProfileStringA
HeapAlloc
FreeLibrary
HeapCreate
GetCurrentThreadId
DeleteCriticalSection
LeaveCriticalSection

Sections

.text
Size: 188KB - Virtual size: 187KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ