d3e1e127214b351ffb5842c6ee1d7d04_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d3e1e127214b351ffb5842c6ee1d7d04_JaffaCakes118
Size

73KB
MD5

d3e1e127214b351ffb5842c6ee1d7d04
SHA1

03c660a396142d20646805fcf70f9c37f602ca6f
SHA256

8271e46b35968c9e95e23c1c17e6437f3bad4b1bb8157bac0df797fb784301ac
SHA512

d673cf4ba20aec68b782cb6027d6bf175a093deb8084f3c41ef110704e4b692fe70f02a9d5959c5ef2363d689900083829e518f18001e0d217550c4a2adf68a6
SSDEEP

1536:ePR/tH5CdwfwZgRG3sV7llkrvS4TmQfYMz/+nVRUqlW:ePR/z1YZgRGIlkrFBfYMz/+dW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d3e1e127214b351ffb5842c6ee1d7d04_JaffaCakes118

Files

d3e1e127214b351ffb5842c6ee1d7d04_JaffaCakes118
.exe windows:4 windows x86 arch:x86

449a539e4ca15d4572b16ca5b73ad74a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetThreadLocale
ExitProcess
GetModuleHandleA
CloseHandle
GetProcessHeap
ExitThread
GetOEMCP
VirtualAllocEx
GetCommandLineW
LoadLibraryA

user32

GetWindow
CharUpperA
DefWindowProcA
GetSysColorBrush
GetCursor
GetMenu
GetWindowTextLengthA
CreatePopupMenu
DefMDIChildProcA
DefFrameProcA

Exports

Exports

_VXIrNCMye0FQWB
_Xq8LBA@24
_mpfEbE0D@8
ZUbDF6Xd2
_wiJFp6

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 451B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data
.rdata
.rsrc/0/DIALOG/TEXTFILEDLG
.rsrc/0/MANIFEST/1
.xml
.rsrc/0/RCDATA/DVCLAL
.rsrc/0/STRING/4094
.rsrc/0/STRING/4095
.rsrc/1033/BITMAP/BBABORT.bmp
.rsrc/1033/version.txt
.text