129bceca3d4010f760e5bd320e602f6c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

129bceca3d4010f760e5bd320e602f6c_JaffaCakes118
Size

92KB
MD5

129bceca3d4010f760e5bd320e602f6c
SHA1

224e51d90a9d62b0617564fab06f735a6f20d5b3
SHA256

9a817b1e13bcc67fb05c4e56cbd97009a9aaa5c0bde6f26d5e4417db7f64c547
SHA512

882c476e3e8496e91c6c9b810227afc678e49fe597c02c84da8293b387b9795dea2a0982427fa184032b89b58cc406821c7e4e7bd255740f2a7a0afe950634ed
SSDEEP

1536:JKihDsj7TyQ8Jb9190N7oc/u3y+0IqMLK8W3wAENLNZ5ZxzUNurxnh:4iR8TyVJh19YhYfLMwAqH5ZywZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
129bceca3d4010f760e5bd320e602f6c_JaffaCakes118

Files

129bceca3d4010f760e5bd320e602f6c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e89b31c0323b91423d851b07df9edd84

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
SetDefaultCommConfigA
GetConsoleWindow
BuildCommDCBAndTimeoutsA
Process32Next
SetFilePointer
VirtualAllocEx
GetProfileSectionA
SetFilePointerEx
GetFileTime
GetCommandLineA
GlobalFindAtomA
ExitProcess
CancelWaitableTimer
GetEnvironmentVariableA

user32

ScrollDC
ShowScrollBar
GetMenuStringA
RegisterWindowMessageW
UpdateLayeredWindow
IsChild
GetClassInfoA
IsDlgButtonChecked
SendNotifyMessageW
CharUpperA
ChangeDisplaySettingsExA
GetAncestor
CallMsgFilterA

gdi32

StretchBlt
DeleteObject
PatBlt
LineTo

Exports

Exports

Diqfkuwpvsc
Btocndaywf

Sections

.textbbs
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 80KB - Virtual size: 393KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ