0d68e95f902009b7dba3a3dc84e69062_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0d68e95f902009b7dba3a3dc84e69062_JaffaCakes118
Size

814KB
MD5

0d68e95f902009b7dba3a3dc84e69062
SHA1

330fba175d47325e4d3c9bec895a3c62d0d78676
SHA256

bd2d1bcaf507847c542a9fbda48804e5079c8a7a28580f644ffc56b1b1ece153
SHA512

2ae7e4a4a3c9a78f45bdc5abe717ee716b38c661aeed0dfa7b939c183455f71fae11b55ac87c5912b7d8952001d3219efc2fd61e3294d5a185228cf2ad2175f0
SSDEEP

24576:RsPNqKMHUooUG03QcVc992KBMAVeLmJCfEKgi1vH6SLVHg0yRrrWnepM2z:9/UoxG03Q9/7BMc2nRgESSLtgzxl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d68e95f902009b7dba3a3dc84e69062_JaffaCakes118

Files

0d68e95f902009b7dba3a3dc84e69062_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4702bf9b9fcd79a4b43c464c6e9e3045

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
HeapCreate
FindClose
GetACP
UnmapViewOfFile
FreeEnvironmentStringsA
FindResourceA
HeapDestroy
GetModuleHandleA
IsBadCodePtr
CreateMutexA
CreateFileA
SetVolumeMountPointA
TlsGetValue
LocalUnlock
ExitProcess
SetLastError
LoadLibraryExA
FreeConsole
LocalFree

user32

DrawMenuBar
DrawEdge
IsWindow
GetDC
DispatchMessageA
FillRect
CopyRect
CallWindowProcA
DefWindowProcW
GetFocus
GetDlgItem
CheckRadioButton
GetIconInfo

uxtheme

DrawThemeIcon
GetThemeRect
DrawThemeEdge
GetThemeSysInt
DrawThemeText

clbcatq

SetupOpen

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ