Static task
static1
Behavioral task
behavioral1
Sample
55ce02d7012cddd2bb6c8cdde70dc26b_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
55ce02d7012cddd2bb6c8cdde70dc26b_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
Target
55ce02d7012cddd2bb6c8cdde70dc26b_JaffaCakes118
Size
692KB
MD5
55ce02d7012cddd2bb6c8cdde70dc26b
SHA1
3dae8c9b11a2a6eda6dd26d3ab4ad4488caf5a0d
SHA256
ea80728809c0005cf0c48908b3ba68d117eb747a6ba422142750f24913d5d5c9
SHA512
eab66f4414448d98967d4cccac903830387189ab95f9b757c511bf54a6a993ab1d8ed3a8cd1b4ea0630ca72eec1912dad864dcc9d17d0413e3c2f77f15974a9d
SSDEEP
12288:s9fsQwc1l+w7wNMQyiW9vHEIEW6/OPWBOvKQbEB24Qa7OLw6xRuQuFnwE:s9EJGl+n+xiW1HENW6/jR24xQinB
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 55ce02d7012cddd2bb6c8cdde70dc26b_JaffaCakes118
Files
55ce02d7012cddd2bb6c8cdde70dc26b_JaffaCakes118.exe windows:4 windows x86 arch:x86
2b0da48303389da0415b498f979d076b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcAddress
LoadLibraryA
GetVersion
CloseHandle
FreeLibrary
GetModuleHandleA
LocalAlloc
GlobalAlloc
GetTickCount
LocalFree
GetFileSize
CreateEventA
GlobalFree
GetVersionExA
GetLastError
lstrcpyA
Sleep
gdi32
GetTextExtentPoint32A
SetROP2
BitBlt
GetTextMetricsA
CreateCompatibleDC
SetPixel
GetBkColor
DeleteObject
GetPixel
ExtTextOutA
CreateFontIndirectA
GetStockObject
CreateSolidBrush
msvcrt
_controlfp
exit
_XcptFilter
_initterm
wcslen
toupper
__CxxFrameHandler
_exit
wcschr
__p__fmode
_except_handler3
_adjust_fdiv
memmove
__p__commode
Sections
.text Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 686KB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ