56ff56797e25fa40c304a50efb2134a7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

56ff56797e25fa40c304a50efb2134a7_JaffaCakes118
Size

48KB
MD5

56ff56797e25fa40c304a50efb2134a7
SHA1

769886b36f9e0ebe81948dfb26844612291b8080
SHA256

e45e457b3471b4e94bc648b3b370d5aa5e33f2e42f5786842cf97acc72ab5b01
SHA512

406745a3d6a6c4e332ae71284ca90dba48a59c92b7adcf6b34d1018affd46934f7a2840fa37dcd2f5fc40f211240f4a2eff3e92e008e04ccaca7327fd8bcf6e1
SSDEEP

768:dDi0/QqoM+CVnhSpbjfvffBkuTZV285U1Yyd+0MylPA6lxMKL31G:pQpMUpXf5zLq/dX7R/3L31

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
56ff56797e25fa40c304a50efb2134a7_JaffaCakes118

Files

56ff56797e25fa40c304a50efb2134a7_JaffaCakes118
.exe windows:0 windows x86 arch:x86

d3adb4a7e35ef5c7caf8535ac391c1c3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
GetVolumeInformationA
lstrcatA
ExitProcess
OpenMutexA
CopyFileExW
MoveFileA
QueryPerformanceFrequency
GetModuleFileNameA
CompareStringA
GetVersionExA
GetCurrentThread
WaitForSingleObject
CreateDirectoryA
lstrcmpA
ConnectNamedPipe
FatalAppExitA
InitializeCriticalSection
VirtualAlloc

user32

GetClassInfoW
LoadCursorW
GetTopWindow
CharUpperW
ReleaseDC
GetMessageW
MonitorFromWindow
MessageBoxW
CreateWindowExW
GetKeyboardLayout
IsWindowEnabled
MessageBeep
PostMessageW
mouse_event
GetMenu

gdi32

GetDIBits
FillRgn
CreateDCW
RestoreDC
CombineRgn

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ