b0a0a15e00d6794148038a8d53876b9a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b0a0a15e00d6794148038a8d53876b9a_JaffaCakes118
Size

113KB
MD5

b0a0a15e00d6794148038a8d53876b9a
SHA1

d016fbd3527a7a1c21ccc6cedfc1fa138e9db872
SHA256

04857091ec6d3ac0b7f0fad276df2a9686750db91f308813aeba64e9eeac1918
SHA512

24859d43245f7c5ff872bef2f8a96748aeb26b49f741c905ca75bc4f46ebdaf9e944c484b4918f9df137a33daf7576d9f230e86f23ad4a4b3c13c73d50d98e8f
SSDEEP

3072:Mk3gvBrMDBHmf/KcBpF1PX4xCoYljsIytDRD68wb:MRvxMhmf/KO7PXP1sltND68w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b0a0a15e00d6794148038a8d53876b9a_JaffaCakes118

Files

b0a0a15e00d6794148038a8d53876b9a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8d95905f914eeedeccdb647b916f5a18

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Copy
DllGetVersion
DrawStatusTextW
ImageList_LoadImageW
CreateToolbar
DrawStatusText
CreateToolbarEx
MenuHelp
ImageList_EndDrag

advapi32

RegSetValueW
RegOpenKeyExA
RegEnumValueW
RegSetValueA
RegOpenKeyW
RegDeleteValueW
RegEnumKeyA
RegCreateKeyExA
RegEnumKeyExA
RegCreateKeyExW

user32

LoadCursorA
IsMenu
DrawIcon
DialogBoxParamW
GetMenu
CopyIcon
CloseWindow
DrawTextA
IsWindow
EndDialog

gdi32

SetTextColor
CreateFontIndirectA
CreateCompatibleDC
RestoreDC
GetClipBox
GetPixel
CreateDIBitmap
GetBitmapBits
ExtTextOutA
CreateCompatibleBitmap

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 34B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 25KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ