55c0d00e2d5e88c6d9bcc03b986dd80b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

55c0d00e2d5e88c6d9bcc03b986dd80b_JaffaCakes118
Size

124KB
MD5

55c0d00e2d5e88c6d9bcc03b986dd80b
SHA1

9c8028e9594a6860bca8ee00940a8df28c7142ce
SHA256

ae8cf318089c45e6778151575402d85de9350d19817b623ef052928128756385
SHA512

64f78048aaa23b718a4d7d85e4a93d0c61ce92a2f20880c311a474e5d068b9fc40053e67324af5d29cd0cb877883bf35a1ed2c70611b7cab98d5eb0ae85addb6
SSDEEP

3072:+TTWLWObfY0RC0xBioIj9/rExfwnStBXXqVdK39:+vWnbfY0RCHjNrwfwnaX1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
55c0d00e2d5e88c6d9bcc03b986dd80b_JaffaCakes118

Files

55c0d00e2d5e88c6d9bcc03b986dd80b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

73493cfd656d6a1184f7c91feedd0b1c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memmove
malloc
clock
calloc
tolower
wcschr
mbstowcs

shlwapi

PathIsDirectoryA
SHQueryInfoKeyA

gdi32

CreateBrushIndirect
GetRgnBox
GetBkColor
CreatePalette
GetDIBColorTable
CreateBitmap
GetPixel
SelectPalette
SetPixel

kernel32

VirtualAllocEx
IsBadHugeReadPtr
GetProcAddress
LoadLibraryA
GetModuleHandleA
GetStdHandle
GetProcessHeap
GetStartupInfoA
ExitThread
GetCommandLineW
GetOEMCP

user32

GetMenu
SetWindowLongW
OpenIcon
IsWindowUnicode
GetWindowTextLengthA
SetWindowPos
SetWindowLongA
SetWindowPlacement

Exports

Exports

_6L2Cf@12
o7RLibyc4dV3Q
Qd01KSq@8

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ