251703340283d927522b1f08f951ce1c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

251703340283d927522b1f08f951ce1c_JaffaCakes118
Size

34KB
MD5

251703340283d927522b1f08f951ce1c
SHA1

b02ea97ad881e096beae438c8b7d5aa855c5f1c2
SHA256

e4c71db74637c6dfc75b6186c47747c94a795a1a3f541af8aad92c42f93b0bbb
SHA512

f88805fd141dacd8ddd45a541cb34833b92859c99c3fee0ca3dd48e2f84761303d07187cc56adf1e95896c246542dbc66ecfc7fff4ada701e880bf364aaa4b26
SSDEEP

768:0LrW+LbWBPkCOX5NIp09tmIXmhHTsTjF8:EhLykNXspWEI+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
251703340283d927522b1f08f951ce1c_JaffaCakes118

Files

251703340283d927522b1f08f951ce1c_JaffaCakes118
.exe windows:2 windows x86 arch:x86

416102a785f5147824be1d8ebf859efa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetUnhandledExceptionFilter
TlsAlloc
GetModuleFileNameW
GetProcessHeaps
lstrcmpiA
GetDiskFreeSpaceW
lstrcmpi
GetCPInfo
FindAtomW
WaitForSingleObject
FatalAppExitA
GetLocalTime
OpenMutexW
lstrlen
GetAtomNameA
GetShortPathNameA
IsDebuggerPresent
CompareStringA
GetTempFileNameA
VirtualAlloc
GetFileAttributesW

user32

CreateWindowExA
TrackPopupMenu
UpdateWindow
wvsprintfW
WaitMessage
IsWindow
GetWindowLongW
GetCapture
CopyIcon
LoadMenuIndirectW
GetWindowRect
GetMessageA
CharPrevA
LoadImageW
PeekMessageA
GetActiveWindow
SetFocus
DialogBoxParamW

gdi32

SetDIBits
CreateDIBSection
LineTo

advapi32

RegSetValueW

comdlg32

PrintDlgExA
GetOpenFileNameW
FindTextW

shell32

SHCreateDirectoryExA

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ