04ced558e6963387b3afe060aad0678c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

04ced558e6963387b3afe060aad0678c_JaffaCakes118
Size

201KB
MD5

04ced558e6963387b3afe060aad0678c
SHA1

fcd87f9524fc1abc8388de02102bea745dc0bee3
SHA256

0a3254ceaef2b6165bafd8ae90bc2a9edb0a1c3d21ee2043a9dbb0b0ce852cd1
SHA512

90cd643bde8d4c7e4bcb86b5b667f5cf07e2f5d3d5b8900805e2d318d05ab88b729b56475745bed1e6fba39f4baef6231792d8f68282736df00149a4fd3c4e68
SSDEEP

6144:dnySTW09oMfM7pihSBj75TrzWIAR4gBRPh6B2:dn3WyowM7uS3TrKBPhu2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04ced558e6963387b3afe060aad0678c_JaffaCakes118

Files

04ced558e6963387b3afe060aad0678c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

aeabdce551bb838e2e4047f259d60f1e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeviceIoControl
ExitProcess
ExitThread
FlushFileBuffers
FormatMessageA
GetCommandLineA
GetCurrentProcessId
GetCurrentThreadId
GetModuleHandleA
GetOEMCP
GetPriorityClass
GetProcessAffinityMask
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
GetUserDefaultLCID
LoadLibraryA
QueryPerformanceCounter
SetEnvironmentVariableA
SetHandleCount
SetUnhandledExceptionFilter
VirtualAlloc
VirtualProtect

msvcrt

strcpy
wcscmp
strncmp
strncat
wcscpy

user32

SystemParametersInfoA
GetWindowRect
EnumChildWindows
DrawEdge
WindowFromPoint

comctl32

CreateStatusWindowA
CreatePropertySheetPageA
CreateMappedBitmap
DrawStatusTextA
GetEffectiveClientRect
ShowHideMenuCtl
MenuHelp
InitCommonControls
CreateToolbarEx

Sections

.text
Size: 94KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ