d000ac261677ebb7263d0ea396c68202_JaffaCakes118 | Triage

Sharing

General

Target

d000ac261677ebb7263d0ea396c68202_JaffaCakes118
Size

63KB
MD5

d000ac261677ebb7263d0ea396c68202
SHA1

99fb6d25d05313e76ad6774409f117a5f5076d58
SHA256

4038455a9e9bd570723b07d7dcb651a68a20a8ab2ee33da678502e8751c0ce6b
SHA512

b5a0c3a8c9f9c63367ea4000f3d69c040dfe03e82cfaf59265e9036fe20d714a6a1eec00e8e0578cb5b434eade4d41ed76b1412cefa824c1736b288b655aeaa2
SSDEEP

768:JUOcqHNW38mzs/LyFfAZcXkSKVW/aZrFDmJz4KsJFuxGo22d10d1CWRfAvPjzdyB:WOcH384ciX96DmJ4Kys2PqBPHWciaBg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d000ac261677ebb7263d0ea396c68202_JaffaCakes118

Files

d000ac261677ebb7263d0ea396c68202_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a293fcfb3321fc34fe8a6b6521bc125f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadHugeReadPtr
VirtualAllocEx
LoadResource
InitializeCriticalSection
LoadLibraryExA
HeapFree
ExitProcess
HeapAlloc
LoadLibraryA

gdi32

GetDCOrgEx
GetRgnBox
GetPaletteEntries
RestoreDC
GetDIBits

oleaut32

SafeArrayGetUBound
SysAllocStringLen
OleLoadPicture

comctl32

ImageList_Create
ImageList_DragShowNolock
ImageList_Destroy
ImageList_Read
ImageList_Write

user32

GetDesktopWindow
GetClassLongA
GetClipboardData
GetClientRect
OpenIcon
GetMenu
EnableWindow
GetClassNameA
GetCursor
IsCharUpperA

Exports

Exports

_39cnF
s3TwayaMuMi7@4

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ