a972eb3f82c41daac48eb3d64c973e0e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a972eb3f82c41daac48eb3d64c973e0e_JaffaCakes118
Size

392KB
MD5

a972eb3f82c41daac48eb3d64c973e0e
SHA1

9de5237ce52db073ca44c4aa414542efee22db6f
SHA256

c8a37ea05ac9d1ca02cf1039291c171787ff5327853cf01e412f2724aad372a8
SHA512

950dd696e8c4a01f0d384bf4fcebae733ef3db595d96f5a320e590c09c4d8fa80676fe0861b28f0aac5fb6dfb710875a4b4549dca6ffa8f541d39a91ffb861c9
SSDEEP

6144:AqN2mGp9VUwTZtX02giP9YoRRQGb8gJCPankzjzVjyTVyS9m1D4jheFue:GjmwTZSihRQwJCi4zVWThBVege

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a972eb3f82c41daac48eb3d64c973e0e_JaffaCakes118

Files

a972eb3f82c41daac48eb3d64c973e0e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d2170ce16c0f371b29f1389435426ec3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExW
SetConsoleCursorInfo
TlsGetValue
Sleep
GlobalFree
FindClose
LocalUnlock
HeapDestroy
CreateFileA
GetModuleHandleA
CreateMutexA
HeapCreate
GetACP
UnmapViewOfFile
SetLastError
ReleaseMutex
GetLastError
FindResourceA
ExitThread
FreeEnvironmentStringsA

user32

CallWindowProcA
GetIconInfo
DrawEdge
CheckRadioButton
GetFocus
DefWindowProcW
CopyRect
FillRect
GetDlgItem
IsWindow
GetDC
DispatchMessageA
DrawMenuBar

uxtheme

GetThemeRect
GetThemeSysInt
DrawThemeIcon
DrawThemeText
DrawThemeEdge

clbcatq

SetupOpen

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ