00c4058bc363b39022695f326fb9609c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

00c4058bc363b39022695f326fb9609c_JaffaCakes118
Size

131KB
MD5

00c4058bc363b39022695f326fb9609c
SHA1

ff3de1f3265d3846c82811966d0c533249970e3f
SHA256

ce12afa5f4396e61c2e81dbbd972fb385f2a673cb557772a594a89a99784b402
SHA512

ba6b059038138a55193e2c41289ca36ce3e1be897055be2c51ac031ab872e5ffae40c6fe085f7e9516407c8ff7e41e56bb37375281c3094d17911a1a35520589
SSDEEP

3072:L7okObveISW9HF8hDXT3AnuB61Vbsdka+WR:v7Oje638lkuB618+W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00c4058bc363b39022695f326fb9609c_JaffaCakes118

Files

00c4058bc363b39022695f326fb9609c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ee95db37074c842d63ce038f6da8a24b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CharToOemA
CharNextA
GetSysColorBrush
GetMenu
CharLowerBuffA
CharNextW
CharUpperBuffA
IsChild
CheckMenuItem

kernel32

LocalAlloc
lstrlenW
GetCurrentThread
lstrlenA
IsBadReadPtr
VirtualAllocEx
GetCommandLineW
LoadLibraryA
ExitProcess

msvcrt

memcpy
atol
malloc
wcscspn
_acmdln
sqrt
exit
mbstowcs

version

GetFileVersionInfoSizeA
VerQueryValueA

gdi32

CreateCompatibleBitmap
GetBkColor
RestoreDC
GetCurrentPositionEx
SelectObject
CreateBitmap
GetRgnBox
CopyEnhMetaFileA

Exports

Exports

DelB3TUcZQErv
_3JpOzQPU3@4
KDJgC5

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ