10159704bf3934adb5cc6bd02ac1b00e_JaffaCakes118 | Triage

Sharing

General

Target

10159704bf3934adb5cc6bd02ac1b00e_JaffaCakes118
Size

74KB
MD5

10159704bf3934adb5cc6bd02ac1b00e
SHA1

8562211dea1bd20f2b5ecc3ee7d850974e8daa24
SHA256

2711c675df19b282474dfdb16de5f5bd8e604a38e914fdcd25917e0c284bebfa
SHA512

323bf9938c98c1c08878079c253647ab4dd0d34b5ed56f9f5547dedb45374a01b672d54403428862c995b5b894d7c0de234a1168ef492070beb07ec9b86bbf3c
SSDEEP

1536:mi+JX2nLKCbSzQm/QLSQE4F8AjQVfRGbp1RUgSbOVALt:mi+BALK6SzQmw1FGJGncZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10159704bf3934adb5cc6bd02ac1b00e_JaffaCakes118

Files

10159704bf3934adb5cc6bd02ac1b00e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

49ff8e64442dd52dae012be800d9c156

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetPixel
GetTextAlign
GetPaletteEntries
GetObjectA

user32

IsCharUpperA
CharNextA
MoveWindow
GetSystemMetrics
IsWindowVisible
GetWindowLongA
CreateWindowExA
MsgWaitForMultipleObjects
wsprintfA
GetFocus
IsWindowEnabled
GetMenu

advapi32

GetUserNameA

version

GetFileVersionInfoA

kernel32

ExitProcess
ReadFile
GetVersionExA
IsBadHugeReadPtr
VirtualAllocEx
GetLocalTime
GetCurrentThreadId
RaiseException
DeleteCriticalSection
SetLastError
ExitThread
GetModuleHandleA
GetFileType
LockResource
GetStdHandle
GetCommandLineW
GetProcessHeap
GlobalAlloc
lstrcpyA
IsBadReadPtr
SetHandleCount

Exports

Exports

2peeyZNuEDo_UR
_bdKXLgIfGYc@16
pzVOEYVLv

Sections

.text
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ