237f4317ce149ebacf63a362d6ce7e57_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

237f4317ce149ebacf63a362d6ce7e57_JaffaCakes118
Size

194KB
MD5

237f4317ce149ebacf63a362d6ce7e57
SHA1

11138a7f03a795b2276ab5c78337e78561d909d3
SHA256

9163b542d202f72c035d0b4f5d7a779a563efa85518ea8ae2109e83ec66fa5ba
SHA512

eccbdd1dde3bcdae761593d243e44e0cdfc98b620fdd1817eba41d62148c468150a3f16f08446fca69f8264ac192ced5135040d854694616794bae80cf2384ab
SSDEEP

3072:8/6tDWb9AopvAykYDkNHd4wBp1q5UMkQsPoQMtfc:8jBpvAFYDSHd4wBy+hrMtf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
237f4317ce149ebacf63a362d6ce7e57_JaffaCakes118

Files

237f4317ce149ebacf63a362d6ce7e57_JaffaCakes118
.exe windows:4 windows x86 arch:x86

67a99e8e4b7323d802f9e537ef5ff70d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

ShowOwnedPopups
GetWindowLongA
SystemParametersInfoA
LoadIconA
ShowScrollBar
IsWindowEnabled
GetActiveWindow
ShowWindow
GetMenuItemCount
GetFocus

gdi32

SelectPalette
GetBkMode
SelectObject
GetTextAlign
SaveDC

kernel32

GetCurrentThreadId
GetModuleHandleA
GetCPInfo
ExitProcess
GetCurrentProcessId
GetCommandLineA
lstrlenA
VirtualAllocEx

shlwapi

SHGetValueA

Exports

Exports

_rHESn_fe@16
KRMs9SkYZdznwc
_2qQjwOqd@24
3LK7j
kf_kQrw@16

Sections

.text
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 161KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 2KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ