1745b7632bdf198344947fd77c1e13cd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1745b7632bdf198344947fd77c1e13cd_JaffaCakes118
Size

197KB
MD5

1745b7632bdf198344947fd77c1e13cd
SHA1

608d06465c15d94d2e9996bc61a7f6a38c533ca1
SHA256

c603bc3536b9e6b9787a438878c032c8690543cf4ecf11bc321eb75dad5f2cd1
SHA512

aa4c43f4eb60ef33e68cf5b02147f42da5037db773f5b0c79767e439015bb3a6d744c59485b48cb36e96d38528f80adfedc28aa3798ffa4983cb4120f06e4617
SSDEEP

3072:B6drS1c28fUFafswKP2wIYa7CfZgRq/ZksUkXDpBpOTBFE6B4f4a5nc+hdnaPIlS:Df8fUHtmCf+0KsU2Dp+m4aS+/aPIlGv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1745b7632bdf198344947fd77c1e13cd_JaffaCakes118

Files

1745b7632bdf198344947fd77c1e13cd_JaffaCakes118
.exe windows:5 windows x86 arch:x86

eb007d540d566b64320ae6c5723a5348

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\donrocnoneYettcabsofapelted~\sayBornVideopfrigadpapelted~\romkatoswaySownbugboapelted~\BilkDhalSkitavaqigboapelted~\YidsmurhosGanelogdugaywyeas~.pdb

Imports

gdi32

GetTextExtentExPointW
SetLayout
GetTextColor
Polyline
SetDIBits
GetClipBox
SetPixel

kernel32

GetFileType
HeapCreate
WaitForMultipleObjectsEx
UnlockFile
Sleep
TlsFree
FormatMessageA
CompareFileTime

user32

GetActiveWindow
GetNextDlgTabItem
IsWindowUnicode
FillRect
LoadBitmapA
CharNextA
DestroyWindow
HiliteMenuItem
GetWindowLongW
CreateWindowExA
LoadMenuA
GetMenuState
GetSysColor
CharLowerW
SetDlgItemInt
SystemParametersInfoW
EnumThreadWindows

shlwapi

PathIsDirectoryA

Exports

Exports

PutWindowInfo@12
OnSystemExA@12
DeviceExA@12
DataW@4
IsNotSizeEx@16

Sections

.text
Size: 149KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ