1629232c258966975957a141fec4a279_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1629232c258966975957a141fec4a279_JaffaCakes118
Size

242KB
MD5

1629232c258966975957a141fec4a279
SHA1

40780d34f678bbc1841b64b8e8305d33a51e26ee
SHA256

0824a69adb68abc5b77e2d25adf5e333943e148535a364c353dd617332b1c02e
SHA512

baf4110bce09f83cd6f4bd78eb0541cb8c8044f8617be936c72529484a4241f7625958b890168c0a51e55600ee32ee7df178355e02238c64a895a6662110fef8
SSDEEP

6144:9lywTPk/of1/jv2+7H14JlsDw4n9Wmxq8XjzZdQX:zxOofd74sv9W5KZo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1629232c258966975957a141fec4a279_JaffaCakes118

Files

1629232c258966975957a141fec4a279_JaffaCakes118
.exe windows:5 windows x86 arch:x86

148e3aa573c4c69c37bda980f9ef1db8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EnumChildWindows
GetScrollRange
GetCapture
GetDesktopWindow
RegisterClassExW
GetScrollPos
SetWindowTextA
GetPropA

gdi32

DeleteObject
GetArcDirection
CreatePolygonRgn
GetRegionData
GetStockObject
GetRgnBox

ole32

OleSetAutoConvert

comctl32

ord17

advapi32

IsValidSecurityDescriptor

kernel32

SetFileAttributesA
GetStartupInfoA
DeleteCriticalSection
InitializeCriticalSection
GetThreadLocale
GetTickCount
HeapDestroy
HeapFree
GetEnvironmentVariableA
GetLastError
FreeLibrary
LoadLibraryA
GetProcAddress
LocalFree
LocalSize
SetEndOfFile
HeapAlloc
HeapCreate
GetConsoleCP
LocalAlloc

Sections

.text
Size: 234KB - Virtual size: 233KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ