bef528df2dc58bb13cbe4117e41982c4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bef528df2dc58bb13cbe4117e41982c4_JaffaCakes118
Size

814KB
MD5

bef528df2dc58bb13cbe4117e41982c4
SHA1

1e7cd1f366733d2b9703656b360e18ad30f7cc63
SHA256

051d2e5e82e586b6da0c89ba941eb043069f7f0b286972382f432a4ea6587a05
SHA512

28f0b0f74d4695aec8eaaedd02bb86f8f3852686b926537be6b23fdcb7f375796b6af97db5f2a4edc8a33fc568c234799f3d6447a89f48fbbdc20d996d82737c
SSDEEP

24576:kl+otjwsNG/PCxqrtmEYNwoYNp7EtggPK7UF:q1sPrrt19pvgPBF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bef528df2dc58bb13cbe4117e41982c4_JaffaCakes118

Files

bef528df2dc58bb13cbe4117e41982c4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

acb11cf3a93388f3394d971fa07d3441

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapDestroy
ReleaseMutex
CreateMutexA
ExitThread
GetModuleHandleA
FindResourceA
LoadLibraryExW
UnmapViewOfFile
GetLastError
GetProcessHeap
CreateFileA
SetLastError
SetConsoleCursorInfo
GlobalFree
TlsGetValue
GetACP
GetEnvironmentVariableA
LocalUnlock
HeapCreate
FindClose

user32

CheckRadioButton
GetIconInfo
CallWindowProcA
DrawEdge
DefWindowProcW
FillRect
GetFocus
CopyRect
IsWindow
DispatchMessageA
DrawMenuBar
GetDlgItem
GetDC

uxtheme

DrawThemeIcon
DrawThemeEdge
GetThemeSysInt
DrawThemeText
GetThemeRect

clbcatq

SetupOpen

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ