a7d28aa3fc46d709c205eb824c3a8b6e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a7d28aa3fc46d709c205eb824c3a8b6e_JaffaCakes118
Size

392KB
MD5

a7d28aa3fc46d709c205eb824c3a8b6e
SHA1

ff7e8435ba7fdcc32890307ad334d8cdb27c8a6b
SHA256

59a157ce4f3c6ec03c24b364db69c064f3da7e702c15bfae90959c38b5d66c95
SHA512

a89b87be6d7ac52a0065b30c8106933752e8306d5ce3e27af070151233c95dd20dd361eddacb2222f042feba673781a3eef0bbeb84779621820a5a5c81011f31
SSDEEP

12288:rgM/ApUvsfRh+ajZCBAMXoUK0VHiOSzpS:ECvS1075VHiOSzc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a7d28aa3fc46d709c205eb824c3a8b6e_JaffaCakes118

Files

a7d28aa3fc46d709c205eb824c3a8b6e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

795c9f2fc0b8f6b00c76688e1a3f9f50

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
CreateMutexA
UnmapViewOfFile
FindResourceA
ExitThread
TlsGetValue
CreateFileA
GetACP
ReleaseMutex
LocalUnlock
GetModuleHandleA
GetProcessHeap
HeapDestroy
HeapCreate
GetLastError
LoadLibraryExW
SetLastError
GlobalFree
GetEnvironmentVariableA
SetConsoleCursorInfo

user32

CopyRect
GetDC
DispatchMessageA
GetFocus
GetDlgItem
DefWindowProcW
DrawEdge
FillRect
CallWindowProcA
IsWindow
DrawMenuBar
GetIconInfo
CheckRadioButton

uxtheme

GetThemeRect
DrawThemeIcon
DrawThemeText
GetThemeSysInt
DrawThemeEdge

clbcatq

SetupOpen

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ