104dd1b92163636b700f0a7b2e925803_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

104dd1b92163636b700f0a7b2e925803_JaffaCakes118
Size

747KB
MD5

104dd1b92163636b700f0a7b2e925803
SHA1

298845ebbec9967846f832e9add99691c3dd6afd
SHA256

921ba33773d868bceca1a596d5db50233de240afd9d509f26d82de059770d361
SHA512

9d39c83d7f46e35453ec721b3395cbdaa67dd684fb73bb3a0d4765ec34a8c64861604bc577bb6b0520265f75b501af41c80c3ddac850fdfd7e38756dab89d302
SSDEEP

12288:9XAJILkrgtXn0XPAs7N29t3SyQqMoR/OdP1tZOXmrwiLFZwiQPx:tIILkrAn7+N2n3aqFO9ZTng

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
104dd1b92163636b700f0a7b2e925803_JaffaCakes118

Files

104dd1b92163636b700f0a7b2e925803_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4d2f404fcd9c7ecd08df084a1d9ae008

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
CreateMutexA
GetCommandLineW
SetEvent
ResetEvent
GetTickCount
DeleteFileW
ReleaseMutex
WriteConsoleW
GetModuleHandleA
GetEnvironmentVariableW
VirtualAllocEx
OpenProcess
GetStartupInfoW
CreateFileA
RemoveDirectoryA
ClearCommBreak
GetFileAttributesA
CancelIo
SetLastError
HeapSize

user32

FindWindowA
GetSysColor
GetWindowLongA
GetCursorInfo
GetDC
GetDC
GetClassInfoA
CallWindowProcW
PeekMessageA
DispatchMessageW
DispatchMessageW
FillRect
GetDC

lpk

LpkExtTextOut
LpkExtTextOut
LpkExtTextOut
LpkExtTextOut

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 741KB - Virtual size: 740KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ