140399c295762ad2ddc147da2a64c0b5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

140399c295762ad2ddc147da2a64c0b5_JaffaCakes118
Size

50KB
MD5

140399c295762ad2ddc147da2a64c0b5
SHA1

489032e07d1edac350fc3d38d17896fbd7ff3a7b
SHA256

01cca293ad2d67e8a8ac11b329f034d62747f5d5910da3aaa4193b11a5b0f394
SHA512

998958a5701765ce96d12888951578b7f372da8247d96f0c5ace080961c5b36fc5b303a2c85f8766746e5fcf6cc1eb55f99b4969daf3aff402c6c0255cf0f7ca
SSDEEP

768:0YSrdPW7MbN9aqWM38C1hfWdXr9amZimp+TewD4guIplbApwhJ42xA/cpN:0Y85GMbjachIXdAVywD4LIpDJ4oAEL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
140399c295762ad2ddc147da2a64c0b5_JaffaCakes118

Files

140399c295762ad2ddc147da2a64c0b5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cb9130958ef82815c2c9a166f837cc58

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetFocus
KillTimer
CallWindowProcW
RegisterWindowMessageW
ShowWindow
MapWindowPoints

kernel32

FindFirstFileW
GetTickCount
GetCurrentProcess
GetSystemInfo
SystemTimeToFileTime
EnterCriticalSection
GetDriveTypeW
SetStdHandle
ExitProcess
FormatMessageW
FindResourceW
lstrlenW
GetModuleHandleA
SetConsoleCP
HeapAlloc
CompareStringW
GetOEMCP
CreateFileW
WaitForSingleObject
UnhandledExceptionFilter
GetStartupInfoA
GetACP
HeapFree
GlobalLock
GetEnvironmentStringsW
HeapDestroy
SetEvent
GetCommandLineW
VirtualProtect

advapi32

ReportEventW

msvcrt

_adjust_fdiv
memcpy
_callnewh
_XcptFilter

lz32

LZClose

gdi32

SetBrushOrgEx
DeleteDC
CreateRectRgnIndirect

ole32

CoCancelCall
CoTaskMemRealloc

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 37KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ