3be6e3aeebfcd8b0a5efaf019bd4dc95_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3be6e3aeebfcd8b0a5efaf019bd4dc95_JaffaCakes118
Size

699KB
MD5

3be6e3aeebfcd8b0a5efaf019bd4dc95
SHA1

04e02d9e7555e7007c74634c886fab7f5ab82c52
SHA256

d7c615da0c2853a7482d9713bfcfa235f7f8c57fa3cb77cbbf46262e4d8ea4bd
SHA512

3b28fe8ad9fe205c0e7d94383ec20fdfa62f0ab2919fadd5d47049b7bdc4ec07f7b969e02caa930e8f6e335373fd92b195c85921a99f0eaf7c983890eeb34b42
SSDEEP

12288:MQ6BYINUcWg7VvbCLx69iG6uNmJFl5H1A3H25MireHSobh8V3IGhEr:MvBYCIg7VTYY9HQXVS29sOVY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3be6e3aeebfcd8b0a5efaf019bd4dc95_JaffaCakes118

Files

3be6e3aeebfcd8b0a5efaf019bd4dc95_JaffaCakes118
.exe windows:4 windows x86 arch:x86

45b8d1e2fe44db117354c0098116681f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
GetVersion
GetModuleHandleA
Sleep
GetFileSize
GetLastError

gdi32

GetTextMetricsA
CreateSolidBrush
LineTo
DeleteObject
CreateCompatibleDC
CreateFontIndirectA
GetPixel
PatBlt
SelectObject
GetObjectA
ExtTextOutA
GetStockObject
MoveToEx
GetDeviceCaps
SetROP2
SetPixel

user32

ScreenToClient
EndPaint
GetSysColor
DestroyWindow
CreateWindowExA
DispatchMessageA
EndDialog
LoadIconA
GetClientRect
DialogBoxParamA
TranslateMessage
SetWindowTextA
PostQuitMessage
GetWindowRect
MessageBoxA
SetFocus
GetFocus
BeginPaint
GetMessageA
ShowWindow
DefWindowProcA

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 692KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ