f00eb4878c9d13ce655f9cc7a8091279_JaffaCakes118 | Triage

Sharing

General

Target

f00eb4878c9d13ce655f9cc7a8091279_JaffaCakes118
Size

59KB
MD5

f00eb4878c9d13ce655f9cc7a8091279
SHA1

7ecb6f33aafab51340a32bb4e14b2b1bb87f03c2
SHA256

cbae448c6e708c9ab133126e737027868a743765518d281f44c9ae4986476857
SHA512

47cd4d27649b1a865dd74d39c82bcbcd5242f802c9e932b95dbcfde6f8358ba31ab0d585be055b73080d0efc7cd02b31329cbe24263adf5216e9b9aafdf9354c
SSDEEP

1536:0hIRzq+5hRpfvc7IwmQyaOsV8XIJGFEr4lvxW1wbD8BFyPMfvx:TfwNyaOPXIJuEr41xWiDPPMfp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f00eb4878c9d13ce655f9cc7a8091279_JaffaCakes118

Files

f00eb4878c9d13ce655f9cc7a8091279_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8eac520bc0c8e1ec405d863ba5d74f0a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
malloc
free
memcpy
memmove
_CIsqrt
_CIlog
floor
ceil
_CIexp
fclose
fabs
strlen

kernel32

GetModuleHandleA
HeapCreate
HeapDestroy
ExitProcess
HeapFree
CloseHandle
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
ReadFile
GetLastError
FreeLibrary
LoadLibraryA
GetProcAddress
HeapReAlloc
HeapAlloc
TlsAlloc
GetVersionExA

user32

GetForegroundWindow
DestroyIcon
FillRect

gdi32

DeleteDC
GetObjectType
DeleteObject
GetObjectA
CreateCompatibleDC
GetDIBits
CreateDIBSection
SelectObject
BitBlt
CreateBitmap
SetPixel
GetStockObject

comdlg32

PrintDlgA

Sections

.code
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ