a4ca28f5ed487b2bcc10c28b69af875c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a4ca28f5ed487b2bcc10c28b69af875c_JaffaCakes118
Size

131KB
MD5

a4ca28f5ed487b2bcc10c28b69af875c
SHA1

d2af360800265e5c22acf7581bdb72224eeac4e0
SHA256

979258cc68a413e0f2aa01adc3353bb05bd2d9df342495387dc2b96dda54fbd7
SHA512

0418e551d410004f78dba7c6f31f7ed813902e9891cfbf1a5011de3de3be089b176ae3a797892586410271d21d0bbca55bd028075b2029ff2dea801226db9190
SSDEEP

3072:EzxtzxywkhuRVFJ3T2xXzcyk2TWM7+9PCzItIHhhHyTtqCEoG:qZywIEV33T3CTWMcCEYXy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a4ca28f5ed487b2bcc10c28b69af875c_JaffaCakes118

Files

a4ca28f5ed487b2bcc10c28b69af875c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9ce96cb98a19ee18e88050469b83f5cb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAllocEx
ExitProcess
SetErrorMode
LockResource
ReadFile
LoadLibraryA

msvcrt

exit
sprintf
calloc
srand
sqrt
rand
mbstowcs
clock
memset
wcstol
swprintf
atol
malloc

gdi32

SetBkMode
CreatePenIndirect
SetPixel
LineTo

user32

GetMenuItemInfoA
IsCharUpperA
GetMenuItemCount
EnableWindow
GetMenuItemID
GetMenu
GetActiveWindow

Exports

Exports

_SDo3p6Bl@8
_OIwuY6bN3uE@8
ZIldrmPmtiU94@16
NqKFiNHN@20
CgZxBNfuvJ
_t8EgTz@8
5ShGrJVF@16
AdW2CDS
_rDWfJRj_oWdS
i3X1Ujxq4FQB
_NjNlT65L2KrD@12
2YZW8pqRfKb
_9RmvuM@20
_iGeD6V
_9TjVd9HO
zTEngTJtHNjwr
fYIX5fetlRDu@12

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ