3b31eb49cd95056105be29fdaced2d87_JaffaCakes118 | Triage

Sharing

General

Target

3b31eb49cd95056105be29fdaced2d87_JaffaCakes118
Size

74KB
MD5

3b31eb49cd95056105be29fdaced2d87
SHA1

106d43c5a843c6fb09c340d1476bdffefd158f21
SHA256

a7d47ced4b123d8a518effd658b5febf1c4022219acd6960afb6a790e4e22cb9
SHA512

9442aaf4126e310c80aa49f7bb01a6690d3207f522808f60c67fedd5117a6564e3c8cf1a27c3d67324e57ccbcbe198b453317373b525764e2fc09efe3101ef40
SSDEEP

1536:mi+JX2nLKCbSzQm/QLSQE4F8AjQVfRGbp1RUgSbOVALBx:mi+BALK6SzQmw1FGJGnc/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b31eb49cd95056105be29fdaced2d87_JaffaCakes118

Files

3b31eb49cd95056105be29fdaced2d87_JaffaCakes118
.exe windows:4 windows x86 arch:x86

49ff8e64442dd52dae012be800d9c156

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetPixel
GetTextAlign
GetPaletteEntries
GetObjectA

user32

IsCharUpperA
CharNextA
MoveWindow
GetSystemMetrics
IsWindowVisible
GetWindowLongA
CreateWindowExA
MsgWaitForMultipleObjects
wsprintfA
GetFocus
IsWindowEnabled
GetMenu

advapi32

GetUserNameA

version

GetFileVersionInfoA

kernel32

ExitProcess
ReadFile
GetVersionExA
IsBadHugeReadPtr
VirtualAllocEx
GetLocalTime
GetCurrentThreadId
RaiseException
DeleteCriticalSection
SetLastError
ExitThread
GetModuleHandleA
GetFileType
LockResource
GetStdHandle
GetCommandLineW
GetProcessHeap
GlobalAlloc
lstrcpyA
IsBadReadPtr
SetHandleCount

Exports

Exports

2peeyZNuEDo_UR
_bdKXLgIfGYc@16
pzVOEYVLv

Sections

.text
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ