2664fc24b4319e4159639bb8810c47b1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2664fc24b4319e4159639bb8810c47b1_JaffaCakes118
Size

249KB
MD5

2664fc24b4319e4159639bb8810c47b1
SHA1

6100658d046592038fa89d500559678b19e071b5
SHA256

304bf76963320e07de3c94696c4868fde94f7a61f837e0338736c1b7c24f0a63
SHA512

4726049c6705ec628df5624e6daeea9d52db8771467193a74627f8808f29c2e0ba4e9b09ad5f5d466d3e119db602f26b102087487ae70569eadc93023d485bbd
SSDEEP

6144:1OpH9ZvIb2Nn6EoftYaEVufIbucfLJF4uTfVnBkhhCy7h:1SqpfftY1GId7VD8h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2664fc24b4319e4159639bb8810c47b1_JaffaCakes118

Files

2664fc24b4319e4159639bb8810c47b1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7a752aad509796749233a0a735d2232c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

IsWindow
WindowFromPoint
IsWindowVisible
BeginPaint
EndPaint
SetWindowTextA
CreateWindowExA
ShowWindow
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA
LoadIconA
LoadCursorA
RegisterClassExW

gdi32

SetRectRgn
FrameRgn
GetTextColor
CreateFontIndirectA
DeleteObject
GetStockObject

kernel32

GetLastError
SetFileAttributesA
GetEnvironmentStrings
InitializeCriticalSection
GetThreadLocale
LoadLibraryA
GetProcAddress
LeaveCriticalSection
DeleteCriticalSection
GetDateFormatA
GetTickCount
HeapDestroy
HeapFree
GetEnvironmentVariableA
EnterCriticalSection
CompareStringA
FreeLibrary
HeapAlloc
HeapCreate

Sections

.text
Size: 216KB - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ