142ab41eca467e9114f75f53602ce1d9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

142ab41eca467e9114f75f53602ce1d9_JaffaCakes118
Size

51KB
MD5

142ab41eca467e9114f75f53602ce1d9
SHA1

c3f14835fcb3a8d9e2f1fd6abd5d15b502269986
SHA256

6c3070df6a6112cb088903c95f94cbfa0905737cbd69b3307864a9d4ac08aa33
SHA512

6de3715960d627bc0c6ca33466b8bf1046ea138de2e1b0181720e89764026898a7308b7bad04942b345f32e9a77ace0ab0ab5c9207c533f1e54a5cafd3633714
SSDEEP

768:9nU4mX3X7yD7Xp4V2Fp7JJBUMx/ALl+qEfPyogs8VL4Tg7Wo2HlTGCMMwgnteJnC:1vmX3X7Ick7JMSe9MOH977qgMzteJnC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
142ab41eca467e9114f75f53602ce1d9_JaffaCakes118

Files

142ab41eca467e9114f75f53602ce1d9_JaffaCakes118
.exe windows:3 windows x86 arch:x86

6601c9987b31b1ca3a0ab016065b0cf4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
DisableThreadLibraryCalls
FreeLibrary
GetCommandLineA
GetCurrentProcessId
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetProcessHeap
GetSystemTimeAsFileTime
GetTickCount
GetVersionExA
HeapAlloc
LocalFree
QueryPerformanceCounter
ReadFile
Sleep
VirtualAlloc

user32

BeginPaint
CharNextA
CreateWindowExA
DefWindowProcA
DestroyWindow
EndPaint
GetCapture
GetClientRect
GetDlgItem
GetKeyboardType
GetSystemMetrics
IsChild
IsIconic
KillTimer
MessageBoxA
PostQuitMessage
SendDlgItemMessageA
SetWindowPos
SetWindowTextA

Sections

CODE
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BSS
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ