370682c1e79f6e068b9ebfac95f9f499_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

370682c1e79f6e068b9ebfac95f9f499_JaffaCakes118
Size

120KB
MD5

370682c1e79f6e068b9ebfac95f9f499
SHA1

2241ee8d1ac64818eda8a29a7c1da0ee1f6ec81b
SHA256

d484a92f6b9b24d9e01900a9e6bc2e85c65ced8c9b0bb9b0fd5e5c48f80fd859
SHA512

83f814aad19f685eabf0916e33c4e8e68847548c71ac328c9967bdf4e0bbf9cd73b606b39fc09ce0c72c33b3356f4a5756aa4c4fd1290815ed5d09dd94dae82b
SSDEEP

3072:2U3PbHQhMyqpvaQkruajpEn5Ku1JB4rgEIw:2IQqysvaQmuajp2l3E7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
370682c1e79f6e068b9ebfac95f9f499_JaffaCakes118

Files

370682c1e79f6e068b9ebfac95f9f499_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eba273ef5b523e6890fce74d04f90267

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
SizeofResource
GetCommandLineA
SetThreadLocale
GetThreadLocale
LoadLibraryA
VirtualAllocEx
ExitProcess

user32

CreateMenu
EnableWindow
KillTimer
GetActiveWindow
EndPaint
GetMenu
IsCharLowerA
EnumChildWindows
EnableScrollBar
GetFocus
DrawMenuBar
GetCursor

Exports

Exports

_UbhDXRhSh6nU
Bvz0i@4
_paCoHv1VvR@12
9TlEC4X
4n4W1WB
_ORP7Vxw1
53xvIvkU2bB@20
_QpiumntaLi@24
_d8Vbg9ZzlZao
afYk2E1VRvThcI
QfkCyO4@20
gr9eSL8sLCkuVC

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 101KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rdata
.rsrc/0/DIALOG/TEXTFILEDLG
.rsrc/0/MANIFEST/1
.xml
.rsrc/0/RCDATA/DVCLAL
.rsrc/0/string.txt
.rsrc/1033/BITMAP/BBABORT.bmp
.rsrc/1033/BITMAP/BBALL.bmp
.rsrc/1033/BITMAP/BBCANCEL.bmp
.rsrc/1033/BITMAP/BBCLOSE.bmp
.rsrc/1033/BITMAP/BBHELP.bmp
.rsrc/1033/BITMAP/BBIGNORE.bmp
.rsrc/1033/BITMAP/BBNO.bmp
.rsrc/1033/BITMAP/BBOK.bmp
.rsrc/1033/BITMAP/BBRETRY.bmp
.rsrc/1033/BITMAP/BBYES.bmp
.rsrc/1033/BITMAP/PREVIEWGLYPH.bmp
.rsrc/1033/version.txt
.text