420a406b681a2ff849e4d48e2bfb359c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

420a406b681a2ff849e4d48e2bfb359c_JaffaCakes118
Size

29KB
MD5

420a406b681a2ff849e4d48e2bfb359c
SHA1

6cb5a2d776c73d47825dcccf8a71f63763c76bca
SHA256

e9f72ae659586c94a5aebd0a9446da8a376b2fbe15538c2ba90f60aca244f860
SHA512

8bde928760ddf09570d850989042de5fcb71d27040c283319f011165ad285137531133cc2a962807e7f09714d7c913c4616b49d1de8abd0c9faad9fa746f915d
SSDEEP

768:u+l8vAZMsfwWFEzwKZplRxOXF5NL9wJvv6kMnue:u+RZMsfw+EdRsF5NLEX6qe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
420a406b681a2ff849e4d48e2bfb359c_JaffaCakes118

Files

420a406b681a2ff849e4d48e2bfb359c_JaffaCakes118
.exe windows:6 windows x86 arch:x86

acfa6a0fcfc53d41ef10bf40368aac8d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
QueryPerformanceCounter
LocalFree
GetCurrentProcess
WaitForSingleObject
GetModuleHandleA
LocalFree
SetEvent
GetModuleHandleA
GetModuleHandleA
GetModuleHandleW
GetCurrentProcessId
MultiByteToWideChar
SetEvent
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetCurrentProcess
WaitForSingleObject
SetUnhandledExceptionFilter
GetCurrentThreadId
GetModuleHandleA
FormatMessageW
GetCurrentThreadId

ntdll

NtAllocateVirtualMemory

user32

PostMessageW
CreateWindowExW
CreateWindowExW
GetMessageW
GetDlgItem
GetMessageW
LoadIconW
GetDC
ReleaseDC
GetDC
LoadIconW
GetMessageW
DefWindowProcW
ReleaseDC
DefWindowProcW
ShowWindow
PostMessageW
GetSystemMetrics
PostMessageW
LoadIconW
SendMessageW
DefWindowProcW
DestroyWindow
GetWindowRect
GetDlgItem
ReleaseDC
DefWindowProcW

Sections

.data
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.xdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ