Static task: static1
Behavioral task: behavioral1
Sample: 16b6faea1071db3ad1755e8358a2c1db_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 16b6faea1071db3ad1755e8358a2c1db_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 16b6faea1071db3ad1755e8358a2c1db_JaffaCakes118
Size: 79KB
MD5: 16b6faea1071db3ad1755e8358a2c1db
SHA1: 6e76718768b356c84b0822201a9831ef897f2ce1
SHA256: f2881ed8ec3ab08324d9b9571616f3608d067fc34d9edeb3597551c6f663bc94
SHA512: 69ad8c01082fc1b39919a847928502f4b5e15b10dc268356b955969044fe6f1b8c533a16d8db2c24600d21e23d94f34112cbc3be671f9cb56080a5dc35f39c2d
SSDEEP: 1536:7gGVgjrv6ASMksdH/qxObyPHohVMS5dK2RxEDxagybMhDQUxw0O4:cMy6hMkQfqxObigqSRElJDQuw0x
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 16b6faea1071db3ad1755e8358a2c1db_JaffaCakes118
Files
16b6faea1071db3ad1755e8358a2c1db_JaffaCakes118.exe windows:5 windows x86 arch:x86
e0efd0a344bc1c0daf3197493c46b256
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ntdll
swprintf
memset
kernel32
GetTickCount
VirtualProtect
user32
LoadStringW
EndDialog
SetWindowLongW
GetDlgItem
GetDlgCtrlID
SetDlgItemInt
MessageBoxW
DialogBoxParamW
FillRect
PostQuitMessage
SetTimer
GetDlgItemInt
SetDlgItemTextW
GetClientRect
SendMessageW
GetWindowLongW
gdi32
CreateFontIndirectW
DeleteObject
GetStockObject
CreateSolidBrush
SetBkColor
Sections
.text Size: 76KB - Virtual size: 75KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 780B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 40B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 856B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ