303d53eccdb8569f84abf26fbfdb28ec_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

303d53eccdb8569f84abf26fbfdb28ec_JaffaCakes118
Size

814KB
MD5

303d53eccdb8569f84abf26fbfdb28ec
SHA1

ae60aeabbab434c1cc34692bc25be64f26540b99
SHA256

ad242c7b52f58f8c632937441e7e43d8f178f739d1853212ceb9b11191e9eb96
SHA512

7429b4d6478eba633b510e90db0abf78815158720b49e8be6f1f8196eeacfc2ccd0e9479f21800743a09e53c26112cda8ad4fac8e3300ef1924f1e5dce7506e0
SSDEEP

12288:G0d6cFHGfbNrkv0YjQe+DvUoo9ZL0xw/RGoGaH0IW0F+PE4SkUcmg9:GaGxrkv0QjJSx4OWc0F+Ek9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
303d53eccdb8569f84abf26fbfdb28ec_JaffaCakes118

Files

303d53eccdb8569f84abf26fbfdb28ec_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ce1bebc607009368814cb1c7e05b3367

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
DeleteFileA
EnumResourceTypesW
FindClose
OpenEventA
GetEnvironmentVariableA
GetModuleHandleA
GetCommandLineW
HeapCreate
WriteConsoleA
GetStartupInfoA
SetLastError
CreateSemaphoreW
SuspendThread
GetVersion
ExitProcess
CloseHandle
lstrlenW
Sleep
HeapDestroy

user32

CallWindowProcW
DispatchMessageA
GetClassInfoA
DrawTextW
GetClipCursor
GetSysColor
FindWindowA
DispatchMessageA
IsZoomed
GetKeyState
GetWindowLongA
PeekMessageA
CreateIcon

docprop

DllGetClassObject
DllGetClassObject
DllGetClassObject
DllGetClassObject

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 806KB - Virtual size: 805KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ