565d12735b3575c3d7e408330a09a858_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

565d12735b3575c3d7e408330a09a858_JaffaCakes118
Size

320KB
MD5

565d12735b3575c3d7e408330a09a858
SHA1

461ed58aa789e88872d124d62a7ff0cd095ca90f
SHA256

099cc94cacaa01d14e70ae6b347369857310e68c276fb7c979e2a6b1ee5a62c9
SHA512

1f277b70388303702195a44f288d9d8e2079e200d4035b243d4953f12bf9c8232a18b79e37e0f773192270d45ce6ed1e0eb52a35486a5bed47c00e0d035a1628
SSDEEP

3072:Dk7uvSZZUPVrTJ+FVxRms7phSn++K+w/lfAi6RT:Dk73ZZ0DYjoWl+Kki6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
565d12735b3575c3d7e408330a09a858_JaffaCakes118

Files

565d12735b3575c3d7e408330a09a858_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e84283b29c4c109b8c0582e909bc3c11

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileW
DeviceIoControl
GetCPInfo
GetFileSize
GetPrivateProfileStringA
GetStartupInfoA
GetUserDefaultLCID
GetVersion
IsBadCodePtr
LCMapStringA
LCMapStringW
OutputDebugStringA
SetEndOfFile
SetEnvironmentVariableA
SetEvent
TlsSetValue
WaitForMultipleObjects
lstrlenA

user32

CallWindowProcA
ClientToScreen
EndDialog
EndPaint
LoadCursorA
MapWindowPoints
PtInRect
ReleaseDC
SendMessageA
UpdateWindow

gdi32

BitBlt
CreateFontIndirectW
CreateHalftonePalette
CreatePen
DeleteDC
GetDIBits
GetMapMode
GetObjectW
GetTextMetricsA
GetWindowOrgEx
StretchBlt

shell32

ExtractAssociatedIconW
ShellExecuteEx
ShellExecuteExA
ShellExecuteW
Shell_NotifyIconW

comctl32

ImageList_GetImageInfo
InitCommonControlsEx

Sections

.text
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 160KB - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE