f5f07019b403cf7c44a81603334cdbae_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f5f07019b403cf7c44a81603334cdbae_JaffaCakes118
Size

814KB
MD5

f5f07019b403cf7c44a81603334cdbae
SHA1

a20c9b9e2782fb03965b15ad88dc9bebd021c1c3
SHA256

2ae04cad96897227e607b1c1e48281356b795f6acc44c15dc3ea2f85fdcb8a4c
SHA512

bf7f56e4f42801c7a5a94c99f2cbfdd70d5c8fc80ec880c947033128d4b73786cdfbcf6f70cf4fd978da9d5e2f41e060f303c9837659bb16d30d23f13d905e07
SSDEEP

24576:De71QSNT8kfKNBZ1JHD7z44RDpIV7mntqRPMg5HR/:De72ShfKnRo4K7maPMg7/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f5f07019b403cf7c44a81603334cdbae_JaffaCakes118

Files

f5f07019b403cf7c44a81603334cdbae_JaffaCakes118
.exe windows:4 windows x86 arch:x86

043cf456df7aabbf25060880b5bd0e17

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
ReleaseMutex
GetLastError
FindResourceA
GetModuleHandleA
TlsGetValue
CreateMutexA
HeapCreate
GetACP
HeapDestroy
SetConsoleCursorInfo
GlobalFree
SetLastError
UnmapViewOfFile
CreateFileA
Sleep
ExitThread
FreeEnvironmentStringsA
LocalUnlock
LoadLibraryExW

user32

GetIconInfo
CopyRect
GetDlgItem
DrawMenuBar
DispatchMessageA
FillRect
CallWindowProcA
DrawEdge
GetDC
GetFocus
IsWindow
CheckRadioButton
DefWindowProcW

uxtheme

GetThemeRect
DrawThemeIcon
DrawThemeEdge
GetThemeSysInt
DrawThemeText

clbcatq

SetupOpen

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ