e0a24326c823668e89730457e6ae5054_JaffaCakes118 | Triage

Sharing

General

Target

e0a24326c823668e89730457e6ae5054_JaffaCakes118
Size

66KB
MD5

e0a24326c823668e89730457e6ae5054
SHA1

966c569f8b2a40cf01149b36ce9fad3473e4a2d5
SHA256

93fb8711f22c9d100c2f1c34d451bafc4bce9576c39cd52982c1f23fddc50b5c
SHA512

31d0ad285c0546b3daac23700578cd45d60977994c9d58297b58c5b5585a9a1775c16002e57debe4c28de256d666afd4e7ba39932333b186decdb402a9111a85
SSDEEP

1536:LGPAqacKjTakbpMRk67NN5LYoQGVlrTz7oN:CPiciTakbGk67NEoQul+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e0a24326c823668e89730457e6ae5054_JaffaCakes118

Files

e0a24326c823668e89730457e6ae5054_JaffaCakes118
.exe windows:4 windows x86 arch:x86

10881888e1797cd4abd256ce3460b430

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegLoadKeyA

gdi32

SelectObject
LineTo
RestoreDC

kernel32

GetLocaleInfoA
ExitProcess
IsBadHugeReadPtr
VirtualAllocEx
LoadLibraryA
GetModuleFileNameA
GetModuleHandleA
GetLocalTime
GetLastError

comctl32

ImageList_Read
ImageList_Write
ImageList_Create
ImageList_DrawEx
ImageList_Remove

user32

PostQuitMessage
IsWindowUnicode
RedrawWindow
CharLowerA
RegisterClipboardFormatA
IsCharLowerA
GetWindow
PtInRect
GetMenu
RegisterClassA

Exports

Exports

_CFquxlV
_4kupw
P19tk7hX
GLxA7OmKw

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ