357ebce70c5b1d28dfed8549185cad4d_JaffaCakes118 | Triage

Sharing

General

Target

357ebce70c5b1d28dfed8549185cad4d_JaffaCakes118
Size

73KB
MD5

357ebce70c5b1d28dfed8549185cad4d
SHA1

c36f226253e599a1d44f78a723d7f08dbc989752
SHA256

23946d871c3bed7c6122c3391f6b00395d772cad8f6255c15962a7556501c9cd
SHA512

be32ce0026b6e626e58b42dfe7b0dc06d719f973467942de9eb13d4cd66fffbfbe300d78979eac8282486226653cc0b2a3d67d76122dda4159e85e151e99aca2
SSDEEP

1536:ePR/tH5CdwfwZgRG3sV7llkrvS4TmQfYMz/+nVRtqlW:ePR/z1YZgRGIlkrFBfYMz/+IW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
357ebce70c5b1d28dfed8549185cad4d_JaffaCakes118

Files

357ebce70c5b1d28dfed8549185cad4d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

449a539e4ca15d4572b16ca5b73ad74a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetThreadLocale
ExitProcess
GetModuleHandleA
CloseHandle
GetProcessHeap
ExitThread
GetOEMCP
VirtualAllocEx
GetCommandLineW
LoadLibraryA

user32

GetWindow
CharUpperA
DefWindowProcA
GetSysColorBrush
GetCursor
GetMenu
GetWindowTextLengthA
CreatePopupMenu
DefMDIChildProcA
DefFrameProcA

Exports

Exports

_VXIrNCMye0FQWB
_Xq8LBA@24
_mpfEbE0D@8
ZUbDF6Xd2
_wiJFp6

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 451B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data
.rdata
.rsrc/0/DIALOG/TEXTFILEDLG
.rsrc/0/MANIFEST/1
.xml
.rsrc/0/RCDATA/DVCLAL
.rsrc/0/STRING/4094
.rsrc/0/STRING/4095
.rsrc/1033/BITMAP/BBABORT.bmp
.rsrc/1033/version.txt
.text