b862726fedd668467148667fb58079e1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b862726fedd668467148667fb58079e1_JaffaCakes118
Size

42KB
MD5

b862726fedd668467148667fb58079e1
SHA1

3eb4d88e84a5363e4381619c550bcd94efa56b28
SHA256

f1611cbc1b58e1ead34339e12bef8db9a211ae3f7145bef1ccf4f1699fd39c2a
SHA512

dbb560a827cff61564404dba8bb735948c6fd904e114aa6f752bbff8da4c6d2d9acb513eb3b167d23cc9a643cc5992b7bf7e673e26a8adca74d16cefdc5574db
SSDEEP

768:/fXtCG6mWHevRh9Mjv8GVSlOjNzS20fL4EfIywVkIioYaT25BsDY0tI5iztQ:nXtPfRbMj3VSlKSle9Tz0gI5izO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Hot_Girls_Catalog_2012_August.exe

Files

b862726fedd668467148667fb58079e1_JaffaCakes118
.zip
Hot_Girls_Catalog_2012_August.exe
.exe windows:5 windows x86 arch:x86

8e6d1fa98f1cba4ff3910a228366ccb4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetThreadDesktop
SetDlgItemTextA
EnumDisplaySettingsA
GetScrollInfo
GetWindowThreadProcessId
SetWindowTextA
EnumWindows

comctl32

ord17

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

kernel32

GetUserDefaultLangID
GetDateFormatA
GetSystemDefaultLangID
GetTickCount
HeapFree
SetFileAttributesA
GetStartupInfoA
DeleteCriticalSection
FreeLibrary
LoadLibraryA
GetProcAddress
InitializeCriticalSection
HeapAlloc
HeapCreate
IsBadReadPtr
LocalFree
GetTimeFormatA
GetLocalTime
LocalAlloc
GetHandleInformation

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ