326750a074b50ac4a4d5de55d4972b40_JaffaCakes118 | Triage

Sharing

General

Target

326750a074b50ac4a4d5de55d4972b40_JaffaCakes118
Size

132KB
MD5

326750a074b50ac4a4d5de55d4972b40
SHA1

02d2505594af312c9fb6c0a0b880f94f526915fb
SHA256

49885824e20e438fda2e555e6c58cb96b9eb1b59f6f9072d2da9455f18d4178b
SHA512

8b3712c45004f5ae8fad0ce92c9594f3e6b06b6e82d75c5382fcc77eb39d93b29c16e99ae2dd5dec1885a28d10c4df90a564556d566243d3def174b7f3df15f0
SSDEEP

3072:Ce8DiQU6jEDAclaQr8pbPT4b/O/XyyobrQ:CxNGEkFQF4b0of

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
326750a074b50ac4a4d5de55d4972b40_JaffaCakes118

Files

326750a074b50ac4a4d5de55d4972b40_JaffaCakes118
.exe windows:4 windows x86 arch:x86

87570cf584f2a1a78779ec1b54162620

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetKeyboardState
GetMenu
GetKeyNameTextA
CharNextA
GetKeyboardLayoutNameA
GetKeyboardLayout
GetKeyboardLayoutList
GetKeyState
GetWindowDC

kernel32

GetCommandLineA
LoadLibraryA
MoveFileA
MoveFileExA
MulDiv
VirtualAlloc
ExitProcess
IsBadHugeReadPtr
GetCommandLineW
LocalAlloc

comctl32

ImageList_Draw
ImageList_Add
ImageList_GetBkColor
ImageList_Create

shell32

SHGetFileInfoA
SHGetDesktopFolder
SHGetSpecialFolderLocation

gdi32

CreateFontIndirectA
CreateCompatibleDC
CreateCompatibleBitmap
CreateBrushIndirect
GetBkColor
CreateDIBitmap

Exports

Exports

_uKLcmum@8
LhMa9
_oevETDSzanjPq
_ghlyIHl

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ