43590951d7a7dee35be86a1f6ee12b02_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

43590951d7a7dee35be86a1f6ee12b02_JaffaCakes118
Size

197KB
MD5

43590951d7a7dee35be86a1f6ee12b02
SHA1

925067c8a054b8a4bc1636df6e423d315e24541c
SHA256

d53bc1f5e79b189cd28f7343e4e22d170b4111052b49f8f8b8492b4c945b5221
SHA512

00bfe9934d36488f8f91dbdbbbeff05e86ac7cd2c49c42cd8d14d974785c2f86ea6687d1af18913ae2003ec3d246ae2357e9d823f193696eb96156cac95b892d
SSDEEP

3072:8K/oR4CtxZep2EfppMIcZ6lK/aELE3j2DWb5gjg80cTRc+iH//sfndOv:NQtnepxppFcYELhe/5+iH/andOv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43590951d7a7dee35be86a1f6ee12b02_JaffaCakes118

Files

43590951d7a7dee35be86a1f6ee12b02_JaffaCakes118
.exe windows:5 windows x86 arch:x86

eb007d540d566b64320ae6c5723a5348

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\donrocnoneYettcabsofapelted~\sayBornVideopfrigadpapelted~\romkatoswaySownbugboapelted~\BilkDhalSkitavaqigboapelted~\YidsmurhosGanelogdugaywyeas~.pdb

Imports

gdi32

GetTextExtentExPointW
SetLayout
GetTextColor
Polyline
SetDIBits
GetClipBox
SetPixel

kernel32

GetFileType
HeapCreate
WaitForMultipleObjectsEx
UnlockFile
Sleep
TlsFree
FormatMessageA
CompareFileTime

user32

GetActiveWindow
GetNextDlgTabItem
IsWindowUnicode
FillRect
LoadBitmapA
CharNextA
DestroyWindow
HiliteMenuItem
GetWindowLongW
CreateWindowExA
LoadMenuA
GetMenuState
GetSysColor
CharLowerW
SetDlgItemInt
SystemParametersInfoW
EnumThreadWindows

shlwapi

PathIsDirectoryA

Exports

Exports

PutWindowInfo@12
OnSystemExA@12
DeviceExA@12
DataW@4
IsNotSizeEx@16

Sections

.text
Size: 149KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ