38fac5e9b7c211d5be0cca3a9500e6d2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

38fac5e9b7c211d5be0cca3a9500e6d2_JaffaCakes118
Size

196KB
MD5

38fac5e9b7c211d5be0cca3a9500e6d2
SHA1

d3a47d072ad6833d4b0afa2e82534b1cc4d6dab8
SHA256

e9a583886d033d551f610f4debd8e55f9cb8745c87856f4e995a124225c3ff6f
SHA512

e7731a154b08a11a3b44c2647b24fa86534e1d1804511a9af965801a7bfa4ea0ec38944001ffe1e215420657abebfbbdac66dbc8e6ffd6f2bc706e25a04c828d
SSDEEP

3072:xtKgxArbF8uzmkgS8SE5CAm9TI3bySG346BEys+gM7PqxLsl82KQhVubUS+vPq5:1ArbGo2aiCt9k+SG3GhLsHKQhVLSuPq5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38fac5e9b7c211d5be0cca3a9500e6d2_JaffaCakes118

Files

38fac5e9b7c211d5be0cca3a9500e6d2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

86370ee345061b353eae4b50f97d81f1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DefWindowProcW
PtInRect
DestroyIcon
IsDialogMessageA
LoadImageW
ReleaseDC
SetRectEmpty
SetLastErrorEx
GetUpdateRgn
IsRectEmpty
ExitWindowsEx
SetMenu
TranslateMessage
GetKeyState
ScreenToClient
SetActiveWindow
ChangeMenuW
TrackPopupMenu

kernel32

GetLocaleInfoW
EnumResourceTypesA
CloseHandle
HeapFree
SetupComm
GetLongPathNameW
UnmapViewOfFile
CreateMutexW
GetNumberFormatW
WaitCommEvent

gdi32

UnrealizeObject
EnumFontFamiliesExW
StretchBlt
ResizePalette
SelectClipRgn
GetLayout
RectVisible

comctl32

ImageList_Write
CreatePropertySheetPageW

shlwapi

PathIsContentTypeA

Exports

Exports

GetWindowExA@12
IsValidStateExA@16
GetPointerW@4
FreeFileOld@16
CopyNameOriginal@12

Sections

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 192KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE