03b40c52612a0c68b9c40b11152ca339_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

03b40c52612a0c68b9c40b11152ca339_JaffaCakes118
Size

815KB
MD5

03b40c52612a0c68b9c40b11152ca339
SHA1

a2f89cd2e9b0dcb754c7c9ae4a06af8587a76bd7
SHA256

729a5b6427451b1063912b3b5f764505847ddb2a54b992de240e491ed5360dc1
SHA512

2df0a25aa9f4fafe169df2b4c063656140f44461330dfb5f2410b66b5d924280cfc9c0d9e654ed9424ce1b76205345d149474e4269041994613c1c37370c4b8b
SSDEEP

24576:4g3yMmC3SBfOkWEpy3WF9armRvLeEoES5:4g3yMrJUy29armRvMh5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03b40c52612a0c68b9c40b11152ca339_JaffaCakes118

Files

03b40c52612a0c68b9c40b11152ca339_JaffaCakes118
.exe windows:4 windows x86 arch:x86

45a9a69816a027dc9db47a0e33696cb5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnlock
FreeConsole
GetACP
GetModuleHandleA
TlsGetValue
CreateMutexA
FreeEnvironmentStringsA
UnmapViewOfFile
MapViewOfFile
IsBadCodePtr
LocalFree
GetLastError
HeapCreate
FindClose
LoadLibraryExW
SetLastError
ExitProcess
SetVolumeMountPointA
HeapDestroy
CreateFileA

user32

DrawEdge
CheckRadioButton
DispatchMessageA
GetDC
IsWindow
CallWindowProcA
FillRect
GetIconInfo
CopyRect
GetDlgItem
GetFocus
DrawMenuBar
DefWindowProcW
MessageBoxA

uxtheme

DrawThemeEdge
GetThemeSysInt
GetThemeRect
DrawThemeIcon
DrawThemeText

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ