181eca0e3b915d87ff8ff8ed5ac900f6_JaffaCakes118 | Triage

Sharing

General

Target

181eca0e3b915d87ff8ff8ed5ac900f6_JaffaCakes118
Size

175KB
MD5

181eca0e3b915d87ff8ff8ed5ac900f6
SHA1

13fe9b66d3927c84fcab057186337e049d3872cc
SHA256

90463076bb57946dc381ea031f4a30119fd681ab18d79760af88da2a5285b16e
SHA512

6e92d5ea035b519efe8c20ef69f3b49a2bf4d9a352cd8a90197fa96dc750a47cc898f165513e21fb282fa87299f32a7221c435e6afbf5d31a9bb724dfe865ef6
SSDEEP

3072:1iYlcLgLRDLjcIiShhm9xLWX3LtSRGK6jUouGYK9/I6vrM:llcIZ4IiVxLWnLtWHfGYK26

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
181eca0e3b915d87ff8ff8ed5ac900f6_JaffaCakes118

Files

181eca0e3b915d87ff8ff8ed5ac900f6_JaffaCakes118
.exe windows:5 windows x86 arch:x86

169ff4412a42e0fa59f9e17c1e55ab28

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

L:\uucchNEMgkubDm\xrxoYTPFrB\jyiqnuk.pdb

Imports

user32

DefFrameProcW
ChildWindowFromPoint
GetDoubleClickTime
SetTimer
GetWindowDC
SetScrollRange
wsprintfW
TrackPopupMenu
LoadStringW
GetScrollRange
ModifyMenuW
IsCharUpperW
CharNextExA
HideCaret
MapVirtualKeyExW
IsDialogMessageW
GetClientRect

gdi32

ExtFloodFill
DPtoLP
RoundRect
SetDIBColorTable
GetSystemPaletteEntries
ExtTextOutA

kernel32

lstrlenA
lstrcpyA
RemoveDirectoryA
HeapSize
GetModuleFileNameA
CreateWaitableTimerA
GetModuleHandleA
VerifyVersionInfoW
DeviceIoControl
LoadLibraryA

shlwapi

ChrCmpIW
UrlEscapeA

msvcrt

_controlfp
atoi
_wtoi
__set_app_type
__p__fmode
__p__commode
_amsg_exit
_initterm
_ismbblead
_XcptFilter
memset
_exit
strspn
isspace
_cexit
__setusermatherr
__getmainargs
fflush

Exports

Exports

?CreateDlgMessage@@YGHPAXPADK|U

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ort
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 144KB - Virtual size: 331KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE