428e9ad89319538c5d8aea86daccebdc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

428e9ad89319538c5d8aea86daccebdc_JaffaCakes118
Size

63KB
MD5

428e9ad89319538c5d8aea86daccebdc
SHA1

db06692f5b47302790358325353d3331270699d6
SHA256

d611b22b448461335502f3c9124bc0f75ec74c3ef8f6bfcd40da0f47b3662b5d
SHA512

dbf4cb24e1bb02132cb903b25bf0fba6e2a6b4a62fb28298256a020f62db5cfa06e9ce70d6735f619dc7afa3943cc4db5794d88ee5a535e92d64c2dd4b84789a
SSDEEP

1536:tJuYKwU/vWsEXE0I/ipOpVQXilhf9rqdep:2YxUGffI/cFQt9ecp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
428e9ad89319538c5d8aea86daccebdc_JaffaCakes118

Files

428e9ad89319538c5d8aea86daccebdc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d1518c4c2901dee7b6623b111c5028a7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DrawIcon
GetDesktopWindow
DrawIconEx
GetCapture
GetMenu

ole32

CoCreateInstanceEx
OleCreateStaticFromData
CoRegisterClassObject

kernel32

VirtualAllocEx
GetStdHandle
GetProcessHeap
LoadLibraryA
GetStartupInfoA
ExitProcess
GetProcAddress

gdi32

CreateFontIndirectA
GetBkMode
SetTextColor
GetTextColor
RestoreDC
GetBkColor
GetDCOrgEx

Exports

Exports

_O5stN
_0JIROM4QLD4
wJjrAPdqT1Q@24
uSHPhPm4c@16
YE_m_p6Uh0c5Xj

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ