387e69666daec6e50bf90f3c5ce2d77a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

387e69666daec6e50bf90f3c5ce2d77a_JaffaCakes118
Size

277KB
MD5

387e69666daec6e50bf90f3c5ce2d77a
SHA1

a20d4019358395e2c3cfb053e8dbbfe41324e561
SHA256

c574cd36581757c58c4c7a2d1eeb25ae241f6d780947e5ad467350bf91ffa0c6
SHA512

59ef4bfe08cc7301acd646bc812ccecb9ce2a20869095ecaf3900cfa9ec659938003f5db54bf2f1e9b74c8d0070dcb8fa4cb2a8746aef9870388c8465baf3050
SSDEEP

6144:uUUpetF3JL0UA63GbRD7P8vdKSKfsKwcs7Oq:uhAhJLjrOd7UvLKKOq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
387e69666daec6e50bf90f3c5ce2d77a_JaffaCakes118

Files

387e69666daec6e50bf90f3c5ce2d77a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

31976e0114ada8ee86a77b38066ae0f1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenW
ExitProcess
GetCommandLineW
GetLocaleInfoA
GetLastError
GetFileSize
ExitThread
LoadLibraryA
FindResourceA
GetProcAddress
IsBadReadPtr
GetCommandLineA
GetModuleHandleA
VirtualAllocEx
lstrlenA

user32

IsDialogMessageW
GetKeyboardType
GetSystemMetrics
UnhookWindowsHookEx
GetScrollPos
InvalidateRect
OemToCharA
FrameRect
GetParent
RegisterWindowMessageA
MessageBoxA
DestroyMenu
DeleteMenu
EndPaint
GetWindowLongW
SetMenu
GetMenuItemCount
IsIconic
GetScrollRange
CharNextA
GetDC
RedrawWindow
WaitMessage
CharUpperBuffA
GetMenu
LoadCursorA

oleaut32

SafeArrayGetElement
OleLoadPicture
SysAllocStringLen
SysStringLen
GetErrorInfo

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 739B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 227KB - Virtual size: 226KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ