be72c443ea9245c3fd8ebcb8ad89aaae_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

be72c443ea9245c3fd8ebcb8ad89aaae_JaffaCakes118
Size

173KB
MD5

be72c443ea9245c3fd8ebcb8ad89aaae
SHA1

eb0f657b25df0e0e7710651786f132d5f9bee7e1
SHA256

4efb4bd50fe5cd72deda0971c54b69955450babc2c0a375cca42ea33915a926f
SHA512

0677acc0c1d2814f6910d0bae07d5690cccfbfc922647c0a6bd35245da21ea5c6738ffb1868212054d018d888b543406dcbbf7f62fe0279acab0c388d29e739c
SSDEEP

3072:/mE33WD1NATx0Asa00KHDCyibxUUvSUopIpHyMsjq8+Ui1Tx1tG+5:/mq3cNATuAd0vHDCy81J7QExbX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
be72c443ea9245c3fd8ebcb8ad89aaae_JaffaCakes118

Files

be72c443ea9245c3fd8ebcb8ad89aaae_JaffaCakes118
.dll windows:4 windows x86 arch:x86

0e30b51bbef258edf851c139bdfb9258

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

GetClassLongA
LoadBitmapA
GetClassInfoA
CreateMenu
CharNextA
IsCharLowerA
DrawMenuBar
GetWindowTextLengthA
GetCursor
IsCharUpperA
GetCapture
GetMenu

kernel32

LoadLibraryExA
VirtualAlloc
RaiseException
LockResource
ExitProcess
GetProcessHeap
LoadLibraryA

Exports

Exports

_69oP9@20
FG6k581Gxy@20
_lr4dhwx6
_xsGyJHOW
OQyYUpLUZQ
3zr2Br@12
_uwyC_dYpfiF4
wmamigE
M3TYnPxc73JTI
zHBEL4DN8@16
_hG2YXuN
_WC4a0

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 151KB - Virtual size: 319KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.data
.rdata
.reloc
.rsrc/0/DIALOG/TEXTFILEDLG
.rsrc/0/MANIFEST/1
.xml
.rsrc/0/RCDATA/DVCLAL
.rsrc/0/STRING/4094
.rsrc/0/STRING/4095
.rsrc/1033/BITMAP/BBABORT.bmp
.rsrc/1033/version.txt
.text