69512852401ee393f8bc3573b0d9ddb2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

69512852401ee393f8bc3573b0d9ddb2_JaffaCakes118
Size

126KB
MD5

69512852401ee393f8bc3573b0d9ddb2
SHA1

57a4cc636004e229d1516e4a5953b2a01f0520d9
SHA256

d8b0e2973ee98376078dc9327c373e28d2396282c3bee047b95b82aad7da1c9c
SHA512

873162d3f30de7604727a89e3a54c0676a2d192cebcc7038b1a412f4a763814ff40b136c183d1704bcca2bd39eac9e8b0c3bcdea354ea390341f6eff38094594
SSDEEP

3072:5ejlsAWv9bXFk8Qzmx9v0sa94DK6gYe974wgCNgXdPVqX:5eRRWv9Vk8Qzm/sBlKNP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69512852401ee393f8bc3573b0d9ddb2_JaffaCakes118

Files

69512852401ee393f8bc3573b0d9ddb2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e425d776ce69b8b3addeb4585a95f50f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetCurrentThreadId
HeapFree
IsBadHugeReadPtr
LoadResource
VirtualAlloc
LoadLibraryA
InitializeCriticalSection

shlwapi

SHStrDupA
PathFileExistsA
SHQueryInfoKeyA
PathIsDirectoryA

gdi32

GetCurrentPositionEx
GetDIBColorTable
GetBitmapBits
GetDCOrgEx

comdlg32

FindTextA

user32

LoadIconA
GetSysColor
GetMenu
GetSubMenu
CreatePopupMenu
IsWindow
GetSysColorBrush
GetScrollRange

Exports

Exports

_X2pUtE@8
_7jVhO
_hOmZX@20
_vLkiYMX@20

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ