Static task
static1
Behavioral task
behavioral1
Sample
3aa4fc358c60a49a6103ae192fb2c58c_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
3aa4fc358c60a49a6103ae192fb2c58c_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
Target
3aa4fc358c60a49a6103ae192fb2c58c_JaffaCakes118
Size
1.0MB
MD5
3aa4fc358c60a49a6103ae192fb2c58c
SHA1
4909e0ed67d81442ba48787b21013b0a16bc4544
SHA256
d2318dce7a692fbd17677b817bc389929322166ab5b3ede60eb500e2043f0168
SHA512
9d38afb96efea1d7a4cce473aa3184eda60c622e5f77f23a0158e52bacd2c4e84b8d371d00720f97a5483dd1088a6d51f7f958e3cc6456f22c84a594fae82b43
SSDEEP
24576:REoxaLpKO/4FMn33333b7r5tI9U9oYK2plHbPFu:iV/4m33333b7r57lK277tu
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3aa4fc358c60a49a6103ae192fb2c58c_JaffaCakes118
Files
3aa4fc358c60a49a6103ae192fb2c58c_JaffaCakes118.exe windows:4 windows x86 arch:x86
1675c6e822db5abb59f82aa332e682ed
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcAddress
LoadLibraryA
CloseHandle
GetVersion
lstrcpyA
GetFileSize
lstrcatA
LocalAlloc
GetLastError
lstrlenA
GlobalAlloc
gdi32
MoveToEx
SelectObject
GetDeviceCaps
GetTextColor
LineTo
GetTextMetricsA
CreateFontIndirectA
DeleteObject
SetROP2
GetBkColor
SetBkMode
CreateCompatibleDC
GetStockObject
PatBlt
msvcrt
_XcptFilter
_exit
_adjust_fdiv
__set_app_type
_controlfp
_c_exit
memmove
exit
user32
MessageBoxA
GetFocus
LoadIconA
GetWindowRect
ShowWindow
TranslateMessage
EndPaint
DestroyWindow
DialogBoxParamA
GetSysColor
Sections
.text Size: 1024B - Virtual size: 965B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.0MB - Virtual size: 1.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ