4657e51e3ea0932e3fc64f4dcd413657_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4657e51e3ea0932e3fc64f4dcd413657_JaffaCakes118
Size

124KB
MD5

4657e51e3ea0932e3fc64f4dcd413657
SHA1

1f85ca01920e7c061f43b8d445704732b39bf1f2
SHA256

b04f450905ba8b1e53f60bd0d57debb55082630a37e3b0e42df5058899bc7f5e
SHA512

37758275347871990e38b9eecf568e948e8f165a81fa481b93a521294b616c0a98aeb128eacd3e2bf88a2e33555367e0c01026b4acfdf98735a0413b8aaefe0b
SSDEEP

3072:kFk4AHk/oWccVWj/nuD7sCI1jer/uJ1vIK5gz5XLgA:GkzhWnVWDM7POjeDevIK5gzK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4657e51e3ea0932e3fc64f4dcd413657_JaffaCakes118

Files

4657e51e3ea0932e3fc64f4dcd413657_JaffaCakes118
.exe windows:4 windows x86 arch:x86

304a61e29ea92544a7b774a74df8ad0d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessTimes
GetDllDirectoryA
CloseHandle
GetStartupInfoA
GetCommandLineA
GetFileAttributesA
VirtualAllocEx
GetModuleFileNameA
GetTimeFormatA
LocalAlloc
GetSystemDefaultLCID
GetModuleFileNameA
GetCommMask
Heap32ListFirst
ExitProcess
LoadLibraryExA
WaitForMultipleObjectsEx
FreeEnvironmentStringsA
HeapSize
LoadResource
GetSystemTimes
MapUserPhysicalPages

user32

RegisterWindowMessageW
RecordShutdownReason
PackDDElParam
IsWindowVisible
MapDialogRect
SetMenuItemInfoA
RegisterTasklist
OemToCharA
PostThreadMessageA
GetWindowTextLengthA
OpenWindowStationA
LoadMenuIndirectA
GetScrollRange

gdi32

LineTo
DeleteObject
PatBlt
StretchBlt

advapi32

RegOpenKeyExA
RegCloseKey

Exports

Exports

Mxejyhnw
Msffvndua

Sections

.textbbs
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 112KB - Virtual size: 392KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ