56dec239034529191fb0fb2231e1073d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

56dec239034529191fb0fb2231e1073d_JaffaCakes118
Size

886KB
MD5

56dec239034529191fb0fb2231e1073d
SHA1

34d32eb56a222cc77dafa16bc6202f80a85f691b
SHA256

792d067e8084cc5b257f4a670fec86b09e6949df7cf3c21cc6d86ce5ccc2022a
SHA512

2ee102a1ba7c485b3e0a213e9af4dafffc99873c59c93a1cdb327c591743552f450afce1249fc29f3f4b3d673b37f5dd427d24fad785f13ff7f03af1290b4f2d
SSDEEP

24576:N3arO8gY32BifHVdDeAj97SmsbxccsM7:Qy8gU2wDTVQ44

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
56dec239034529191fb0fb2231e1073d_JaffaCakes118

Files

56dec239034529191fb0fb2231e1073d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

81dd39a87f239eba908556865a83411d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetParent
MessageBoxA

kernel32

GetTempPathA
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

shell32

ShellExecuteA

gdi32

CreateCompatibleBitmap

comctl32

InitCommonControls

advapi32

RegOpenKeyA

comdlg32

GetSaveFileNameA

Sections

.text
Size: - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 290KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.by JCVO
Size: - Virtual size: 388KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.by JCVO
Size: 595KB - Virtual size: 594KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE