JaffaCakes118_6926e15c889f437925ae2843dff434b0 | Triage

Sharing

General

Target

JaffaCakes118_6926e15c889f437925ae2843dff434b0
Size

51KB
MD5

6926e15c889f437925ae2843dff434b0
SHA1

b69c0393bec5cf9edfd148e8a270a406be01232e
SHA256

3dc75acfcc777ad48d80c661bfaa8bacd1c3dec60a5d0c2b1d3cff1430a0c7d7
SHA512

bdda6620abbc5664fc769ab04b4e2e82e91149968b0228cfc59766c834bcbab3efd0b0cf809b79c5c4476b559576a6a7c3db2ab9249a7540cc7f582bc178a4f9
SSDEEP

768:GpSG0eNVdv4AIUS7FBBBpH4RwHRifkUPYLvyvT0NLCTBN3W:GeaVF40cB3H4Rkif6LKL0NOTi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_6926e15c889f437925ae2843dff434b0

Files

JaffaCakes118_6926e15c889f437925ae2843dff434b0
.exe windows:5 windows x86 arch:x86

7eed7b8ef11cde7f12ada601e9a9efb1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

T:\eTubnZq\fgpAksSF\fFCs\vhMGtspI\WxTsxhbd.pdb

Imports

user32

GetDlgItemTextW
MonitorFromRect
GetWindowRect
DialogBoxIndirectParamW
RemovePropW
RegisterClassA
UnloadKeyboardLayout
SendMessageW
RemoveMenu
ScrollWindowEx
GetMenu
wsprintfA
GetForegroundWindow

kernel32

CopyFileW
lstrcatW
OpenFile
HeapValidate
QueryPerformanceCounter
GetSystemDefaultLCID
SetCurrentDirectoryW
SetLocalTime
lstrlenA
lstrcpynA
CreateMailslotW
GetSystemDirectoryA

gdi32

CreateSolidBrush
Rectangle
GetPaletteEntries
CreateCompatibleBitmap
CreateDiscardableBitmap
GetViewportOrgEx
EnumFontsW
SetStretchBltMode
CreateRoundRectRgn

Exports

Exports

?drOikOs@@YGXG@Z
?tlmCbcewaQiGJD@@YGMJG@Z
?joUBvmGxvunyyqa@@YGFPAG@Z
?OhwdmcezPaqbE@@YGJG@Z
?thpUkIukc@@YGFPAD@Z
?zomzMkmcp@@YGXPAF@Z

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 202KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ