321512b21788879da192353b2e20e429_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

321512b21788879da192353b2e20e429_JaffaCakes118
Size

110KB
MD5

321512b21788879da192353b2e20e429
SHA1

159dc171125b034c1384dd288d0afa2073e728f3
SHA256

9d4f42102617c7912d6cfad571de6fd9185425295d1c7e026d50a9d01a991962
SHA512

48e45ce1c08f69e184659100a54a5095f56b751d1351a74b945eba19c053660111977238d2b2b99145e95eaeaa4e27f709af1b27a94c9ecad20a87fd2dbc65e8
SSDEEP

3072:r8USDVmPJxzSRPPnwi4hx2+iCRVRD68wb:IHDVExzw/cWsRbD68w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
321512b21788879da192353b2e20e429_JaffaCakes118

Files

321512b21788879da192353b2e20e429_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8e0d0fb3656851ce4d88f2ce0a27f939

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteValueW
RegCreateKeyExA
RegSetValueW
RegQueryValueExW
RegCreateKeyW
RegOpenKeyExA
RegQueryValueA

comctl32

ImageList_Add
MenuHelp
ImageList_GetIconSize
ImageList_DrawEx
CreateMappedBitmap
DrawStatusTextW
DllGetVersion

gdi32

CreateBrushIndirect
GetCurrentPositionEx
GetPixel
CreateHalftonePalette
DeleteObject
CreateSolidBrush

user32

DrawIconEx
LoadCursorA
CreateIcon
DrawIcon
GetWindowTextA

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 62B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 847B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 26KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ