28bdb895e414a7e60730273e602e4b3d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

28bdb895e414a7e60730273e602e4b3d_JaffaCakes118
Size

112KB
MD5

28bdb895e414a7e60730273e602e4b3d
SHA1

0b059e72c0421e56916a85b3b19f910a948d4be6
SHA256

ec68b30ec97cb405dd17fe6f1d1fe0eb7253d1c233caadf7237c24df8a1a4daf
SHA512

a3920377a842923178651b427dbed10ac166c1e92ec73af7b4d8f12db6d1bae27e873d46879fdf8bc59694928a0c20f6480cf18da01028b41acb6c491a2a68e1
SSDEEP

3072:ZW2yCRiC/EGN4U4yX7ud30gly75RxTYjH24zH:2lXqSdkn5RxTIW4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28bdb895e414a7e60730273e602e4b3d_JaffaCakes118

Files

28bdb895e414a7e60730273e602e4b3d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bcbca52b8c4902fdef65d15d9b3708d0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
CreateMutexA
GetWindowsDirectoryA
VirtualAlloc
GetProcAddress
LoadLibraryA
VirtualFree
VirtualProtect
CloseHandle
HeapFree
ReadFile
SetFilePointer
HeapAlloc
GetProcessHeap
GetFileSize
CreateFileA
GetModuleFileNameA
GetCurrentThread
VirtualProtectEx
VirtualAllocEx
GetCurrentProcess
ExitProcess
LocalAlloc
LocalFree
GetModuleHandleA
ExitThread
InterlockedExchange
RtlUnwind
VirtualQuery

user32

GetActiveWindow
DefWindowProcA
PostQuitMessage
DispatchMessageA
TranslateMessage
GetMessageA
MoveWindow
ShowWindow
CreateWindowExA
RegisterClassExA
FindWindowA
GetForegroundWindow
RegisterClassA
CreateDialogParamA
PostMessageA

Sections

.text
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 116B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ