422dd7c03bc530ee4cb32d0ffbd5cb7c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

422dd7c03bc530ee4cb32d0ffbd5cb7c_JaffaCakes118
Size

72KB
MD5

422dd7c03bc530ee4cb32d0ffbd5cb7c
SHA1

e3a3a33a79cc9d06042fd8db1d8eff7d1e4e7465
SHA256

0db31543c5c4413cdeb2ebf5d11f74273ea0abaadfc5331f49502df0d3d55193
SHA512

4978dc531c6d9ae7ea200969f14971dcd32546e91f21cfccf807a31f2ba3fb9558fd795e541823fc0a7c6afe982766fcc53b0f0ce8d538cddad250064c2d7350
SSDEEP

1536:fOlQYNBXDUkP3aUHmtTCCHWqe9ZJGK8JWT9fcNvgrbgc5o9+1SQh2NA:fOl7N1ATt2Cy0tcbgcS+1jh2q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
422dd7c03bc530ee4cb32d0ffbd5cb7c_JaffaCakes118

Files

422dd7c03bc530ee4cb32d0ffbd5cb7c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0f0222c61ff4bee80ccd3d0100a9411f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CompareStringA
DeleteCriticalSection
ExitProcess
GetACP
GetCommandLineA
GetCommandLineW
GetModuleHandleA
GetNumberFormatA
GetOEMCP
GetPriorityClass
GetProcessAffinityMask
GetStartupInfoA
GetTickCount
GetTimeZoneInformation
GetVersionExA
HeapAlloc
HeapCreate
HeapReAlloc
MultiByteToWideChar
OpenEventA
ReadProcessMemory
ResetEvent
RtlUnwind
SetEnvironmentVariableA
SetLastError
SetUnhandledExceptionFilter
SizeofResource
TlsAlloc
VirtualFree
lstrlenW

user32

SetClassLongA
RegisterWindowMessageA
MessageBoxA
LoadIconA
GetWindow
GetDlgItemTextA
GetDlgItem
DrawEdge
CreateDialogParamA

ole32

CreateAntiMoniker
CoTaskMemAlloc
CoCreateInstance
CoBuildVersion

advapi32

LsaClose

olepro32

OleCreatePropertyFrameIndirect
OleTranslateColor
OleCreatePropertyFrame
OleCreatePictureIndirect

Sections

.text
Size: 42KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ