095f98e33193a1b031d6eb3a468b2c89_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

095f98e33193a1b031d6eb3a468b2c89_JaffaCakes118
Size

196KB
MD5

095f98e33193a1b031d6eb3a468b2c89
SHA1

35b8c057f0b004aa20d274436f19a238101290cc
SHA256

f730fa10d1eec2e5690bc7b038b113bb81b77c94b1e1d9082f5e02bb9657998d
SHA512

2c1fe4aadccde067eae17b7cb509fcbc147d008fa99334f27638e3c7fd665bea850c5f12eb0500601f365a3ef5ed94d9b71c8bd7635a613519fc50c48d73d4f2
SSDEEP

3072:HMSUWWZNCg0ooOP1SRqwxRNASwcjuFBRui4RYyyvarcm68/vPqf:sSUH0gPP1wX+sjyRL4RYXC16YPqf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
095f98e33193a1b031d6eb3a468b2c89_JaffaCakes118

Files

095f98e33193a1b031d6eb3a468b2c89_JaffaCakes118
.exe windows:5 windows x86 arch:x86

86370ee345061b353eae4b50f97d81f1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DefWindowProcW
PtInRect
DestroyIcon
IsDialogMessageA
LoadImageW
ReleaseDC
SetRectEmpty
SetLastErrorEx
GetUpdateRgn
IsRectEmpty
ExitWindowsEx
SetMenu
TranslateMessage
GetKeyState
ScreenToClient
SetActiveWindow
ChangeMenuW
TrackPopupMenu

kernel32

GetLocaleInfoW
EnumResourceTypesA
CloseHandle
HeapFree
SetupComm
GetLongPathNameW
UnmapViewOfFile
CreateMutexW
GetNumberFormatW
WaitCommEvent

gdi32

UnrealizeObject
EnumFontFamiliesExW
StretchBlt
ResizePalette
SelectClipRgn
GetLayout
RectVisible

comctl32

ImageList_Write
CreatePropertySheetPageW

shlwapi

PathIsContentTypeA

Exports

Exports

GetWindowExA@12
IsValidStateExA@16
GetPointerW@4
FreeFileOld@16
CopyNameOriginal@12

Sections

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 192KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE