39929e0be1dcda5d7d41ef4ec5625b35_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

39929e0be1dcda5d7d41ef4ec5625b35_JaffaCakes118
Size

505KB
MD5

39929e0be1dcda5d7d41ef4ec5625b35
SHA1

bfc046dd74a67a0d1bcce411a0bd0157ad88e718
SHA256

a1f1bfc0e58dc800bf5d19154afc55e9508b74988ea3af8f9d6298f2a841b5aa
SHA512

1565ede245b8d605ff5ab161b4228a961650552dcfcd4be3a9e77c34b264f9ad8a2befaf7de7efea2a77511cf763a4ce95681ea1a17f4903863d50ecff0e9537
SSDEEP

12288:atP4rGomTTW1S1LhulEhPm4TUHE63AVJ/rA:iPYmTy1DlEFDgHAHr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39929e0be1dcda5d7d41ef4ec5625b35_JaffaCakes118

Files

39929e0be1dcda5d7d41ef4ec5625b35_JaffaCakes118
.exe windows:4 windows x86 arch:x86

df05b848b2e567c65c313807f825151a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

UpdateWindow
ShowWindow
SetWindowPos
GetDC
SystemParametersInfoA
SetWindowTextA
GetSystemMetrics
GetDlgItem
InvalidateRect
SendMessageA
SetTimer
LoadIconA
FillRect
DispatchMessageA
EnableWindow
DestroyWindow

kernel32

WriteFile
GetCommandLineA
ExitProcess
HeapAlloc
GetEnvironmentVariableA
HeapFree
EnterCriticalSection
GetSystemInfo
lstrlenA
GetModuleFileNameW
GlobalFree
WaitForSingleObject
GetEnvironmentStringsW
FreeEnvironmentStringsA
DeleteCriticalSection
GetStartupInfoA
LeaveCriticalSection
CreateFileA
TlsSetValue
Sleep
InterlockedDecrement
VirtualFree
HeapCreate
InitializeCriticalSection
TerminateProcess
LocalFree
GetStringTypeW
CreateFileMappingA
GetSystemTimeAsFileTime
GetCurrentProcess
SetUnhandledExceptionFilter
InterlockedExchange
SetFilePointer
lstrcmpiA
GetProcessHeap
InterlockedCompareExchange
GetProcAddress
HeapSize
MultiByteToWideChar
UnhandledExceptionFilter
GetLocaleInfoA
GetConsoleMode
SizeofResource

Sections

.text
Size: 473KB - Virtual size: 472KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ