a8e79206943771e142b5052a47ef99c4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a8e79206943771e142b5052a47ef99c4_JaffaCakes118
Size

118KB
MD5

a8e79206943771e142b5052a47ef99c4
SHA1

9515c3b46513a14924efb901c1d5b7e02fe93e72
SHA256

9f229135f84c65bf5d82f2a8a556558274b626065227a2c434ddf80e7eba49a4
SHA512

119c244ab425a745caac38d796efb1bf90590a29c2c70a228b928303950a3444c8e09d243f3cd9d8600aa044dd58689fa4c1af8b0df3c7aed84fd14aafab4aa0
SSDEEP

3072:SMm6dUAOtYvZGLzAmUlwBxskCUhj9xCYPlh8I/hRfXn:wAOtOGLzA9oszSbhRf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a8e79206943771e142b5052a47ef99c4_JaffaCakes118

Files

a8e79206943771e142b5052a47ef99c4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

18a6a802ecf8c468211065e8d7e3d71f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAllocEx
GetOEMCP
lstrlenA
GetProcessHeap
LoadLibraryA
GetModuleFileNameA
ExitProcess
GetModuleHandleA

user32

GetKeyState
GetKeyboardLayout
GetKeyboardLayoutList
GetKeyboardLayoutNameA
GetMenu
LoadIconA

gdi32

GetBitmapBits
GetObjectA
GetBkColor
CreateCompatibleBitmap
GetPixel
CreateDIBitmap
CreatePalette
SetTextColor
CopyEnhMetaFileA

shlwapi

SHDeleteKeyA
PathFileExistsA
SHSetValueA
SHQueryInfoKeyA

Exports

Exports

_HRKUL
1wFIS70D@24
_EDbMHwZG6Jd
_ExACTYX9jn6@8
EiFLCnMS88
_LO3qmfZ
KNnBNr@12
_NLi_y4
0iiWB1F@4
_PpbV6eO5Fd@20
_vpHFPkbFxl2rI0
_O54vL38QQwC
_2BAxksHrKslG
5Nc6pBFd@8
_T3EAfgNNAR@16
_fb8X0@8
_o6M17PE8PmZw@24
_o_LKITgfu0sj5@16

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ