68780574d3e470278802486c4791b2c9_JaffaCakes118 | Triage

Sharing

General

Target

68780574d3e470278802486c4791b2c9_JaffaCakes118
Size

191KB
MD5

68780574d3e470278802486c4791b2c9
SHA1

db051001eac8a151fdb81ce1ac7b2b7c9a38c080
SHA256

04f528fb741d683085f58958f79d9359b26931d2c96c28e54e92e2da584f8484
SHA512

de7a18ab3509c962bbdf837ca01a495d167ff0c7d4a37947cc10046d6d537dd4b56a2dbc262cbe164e9ea22ccc8970585858cb4963393412295b16ebb99a3002
SSDEEP

3072:H9z18Sr6t1eq4Ku0QS9kJq5Vo1F2DdBIX/cs7o8RqO:Z18uaeqJQglIF2JBIX/csU8RF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
68780574d3e470278802486c4791b2c9_JaffaCakes118

Files

68780574d3e470278802486c4791b2c9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8a19652c7a03a26c0958f21155ae0609

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

comdlg32

FindTextA
ChooseColorA
GetOpenFileNameA
GetFileTitleA

user32

GetWindowTextLengthA
IsIconic
SetWindowLongW
wsprintfA
GetParent
IsWindow
SetScrollRange
SetWindowPlacement

gdi32

CreateDIBitmap
SetBkMode
GetClipBox

shell32

SHFileOperationA
SHGetDesktopFolder
SHGetFolderPathA
SHGetFileInfoA

oleaut32

OleLoadPicture

kernel32

GetModuleHandleA
GetStartupInfoA
GetOEMCP
VirtualAlloc
ExitProcess
GetCommandLineW

Exports

Exports

_41N
_FV

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 145KB - Virtual size: 197KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 510B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 964B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ