f1b111f3240bd80b961e264d5a584e4a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f1b111f3240bd80b961e264d5a584e4a_JaffaCakes118
Size

130KB
MD5

f1b111f3240bd80b961e264d5a584e4a
SHA1

8df6dd1bf54caf6b34c3506981130bec14319b13
SHA256

f029e7c48520695669819fcc3aaaa6b1de53fc87825b7e8a3bbfa614422b7c84
SHA512

75db66f71223824b73aa14ab4cab86d9e6fab954c6273f0a89bc35c56ecf06e6fcfc04a8aa459c03bfe6e0358f3a2ebce8eade783a77d312ed1ad66bd0b50c43
SSDEEP

3072:iRng+w9A5h2o/SnFjFukw8dFEb0WBoiPTH9Juwd6ndOQuK8UQHr:iRg+w9AXOnFjFTfEb0W3jTedOQjDQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f1b111f3240bd80b961e264d5a584e4a_JaffaCakes118

Files

f1b111f3240bd80b961e264d5a584e4a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

207f92a7248ee60f2ab1c98109bcda04

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyA
RegLoadKeyA

user32

EnableWindow
CharToOemA
CharNextA
CharUpperBuffA
IsWindowEnabled
GetMenu
CheckMenuItem

kernel32

CreateFileA
LocalReAlloc
SizeofResource
LoadLibraryA
GetProcessHeap
GetUserDefaultLCID
GetCPInfo
GetStringTypeA
lstrcmpiA
ExitProcess
GetVersion
GlobalAlloc
GetACP
ExitThread
VirtualAlloc
GetLocalTime
GetModuleHandleW
GetSystemDefaultLangID
SetEndOfFile
GetCommandLineA
lstrcpynA
LocalAlloc

comctl32

ImageList_Read
ImageList_Write
ImageList_Add
ImageList_Create
ImageList_Draw
ImageList_DragShowNolock
ImageList_GetBkColor
ImageList_DrawEx

Exports

Exports

cBi4dQz@20

Sections

CODE
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lkdata
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ