8a6667202c15a935773516c1fe24f52c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8a6667202c15a935773516c1fe24f52c_JaffaCakes118
Size

57KB
MD5

8a6667202c15a935773516c1fe24f52c
SHA1

11acc717e6c6903df6ea20c5248e781623f4b0c9
SHA256

fee662e84055f1d150a20414ff99dfe4581be380b81bcbf6e801f6a6fed95439
SHA512

131f8f6232ebdd4711e47c32a176885b417790f6915946c3878c7139f4f837767bb017fe1f93c5c388e522bdae98b991745372045e301930df864f173f5cc019
SSDEEP

768:Iy6/KZeugQh+nKecv1EH4bqfw+Sbiuz+avgvZv++vA8SL1UonoC0WgKKopFRIV:I9EHxwCgtqblCJhW+vA8SKonoCZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8a6667202c15a935773516c1fe24f52c_JaffaCakes118

Files

8a6667202c15a935773516c1fe24f52c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c7daeca425d655684418810fd0f9ec65

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DrawCaption
DeleteMenu
DefDlgProcA
CreateMenu
CreateMDIWindowA
CreateIconFromResourceEx
CreateIconFromResource
CreateIcon
CreateDialogIndirectParamA
CreateDesktopA
CloseWindow
CharUpperBuffA
CharToOemBuffA
CharPrevA
CharLowerA
BeginPaint
ActivateKeyboardLayout

kernel32

EnumResourceTypesA
lstrcmpiA
lstrcmpA
lstrcatA
TlsSetValue
TlsAlloc
Sleep
SetLastError
SetEndOfFile
RtlUnwind
ReadFile
OpenFileMappingA
OpenFile
LoadResource
LeaveCriticalSection
GetVersionExA
GetTimeFormatA
GetPrivateProfileStringA
CloseHandle
CompareStringA
EnterCriticalSection
ExitProcess
FlushFileBuffers
GetModuleHandleA

Sections

.text
Size: 17KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 35KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ