097a31e128c0f3f76133623c6918f9c2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

097a31e128c0f3f76133623c6918f9c2_JaffaCakes118
Size

74KB
MD5

097a31e128c0f3f76133623c6918f9c2
SHA1

5fac92feca43a67bf4afb736a9d9ae7e8fd5b91d
SHA256

ec95b18dffba4a9a3ac02a9bb4c6484ca79a355f9a71f218a9ada94b7ffb69c9
SHA512

d2d99ec6680b41fd660975c6c804e8e3d0ed2da7105bfeda4a1c661e4a1b00a68da1e04ed5780306ee241cf4cfe96511eb43e2dd90a6d837e2526cd23fc7adf7
SSDEEP

1536:mi+JX2nLKCbSzQm/QLSQE4F8AjQVfRGbp1RUgSbOVALh:mi+BALK6SzQmw1FGJGnct

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
097a31e128c0f3f76133623c6918f9c2_JaffaCakes118

Files

097a31e128c0f3f76133623c6918f9c2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

49ff8e64442dd52dae012be800d9c156

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetPixel
GetTextAlign
GetPaletteEntries
GetObjectA

user32

IsCharUpperA
CharNextA
MoveWindow
GetSystemMetrics
IsWindowVisible
GetWindowLongA
CreateWindowExA
MsgWaitForMultipleObjects
wsprintfA
GetFocus
IsWindowEnabled
GetMenu

advapi32

GetUserNameA

version

GetFileVersionInfoA

kernel32

ExitProcess
ReadFile
GetVersionExA
IsBadHugeReadPtr
VirtualAllocEx
GetLocalTime
GetCurrentThreadId
RaiseException
DeleteCriticalSection
SetLastError
ExitThread
GetModuleHandleA
GetFileType
LockResource
GetStdHandle
GetCommandLineW
GetProcessHeap
GlobalAlloc
lstrcpyA
IsBadReadPtr
SetHandleCount

Exports

Exports

2peeyZNuEDo_UR
_bdKXLgIfGYc@16
pzVOEYVLv

Sections

.text
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ