0236aaebb47798de901f67b65d000d47_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0236aaebb47798de901f67b65d000d47_JaffaCakes118
Size

75KB
MD5

0236aaebb47798de901f67b65d000d47
SHA1

0085178d8ddbc4d819cbfa798831bd5a0ea54868
SHA256

a83119e65bfada53478c5b9c4c411c3630163758f42b00674f92b5b50b24e1a6
SHA512

2b5728ffa43984799f2c5d2d2b48b53898867dc46882bef0af4faadf9af5f81730e68d363edc2883a9ab85f1c6f3b642f8a048d9ff0b28297ebd042d6cb7e302
SSDEEP

768:cJDDAu45UBjcpmkpd9sOi5a0ELYpTPf7iz/9GDnipERViOPKYCI6KnRrYeHGJFiY:Kcu45UFPaYOCprfskKELiOPfOKeE9C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0236aaebb47798de901f67b65d000d47_JaffaCakes118

Files

0236aaebb47798de901f67b65d000d47_JaffaCakes118
.exe windows:4 windows x86 arch:x86

483ec8343fcef50ce35f0821df9b8ff4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
GetVersionExA
IsBadReadPtr
ResetEvent
FormatMessageA
GetLocalTime
CreateEventA
lstrcpynA
lstrcmpA
FreeResource
GetLastError
RaiseException
SetErrorMode
lstrlenW
DeleteCriticalSection
GetCurrentThread
HeapAlloc
GetCommandLineW
GetCurrentThreadId
lstrlenA
CloseHandle
ExitProcess
VirtualAlloc
VirtualFree
GetCurrentProcess

advapi32

GetLengthSid
RegEnumKeyA
RegDeleteKeyA

gdi32

GetObjectA
GetTextAlign
GetBitmapBits
SetPixel
CreateBrushIndirect
SelectObject
GetBkColor

comctl32

ImageList_Destroy

user32

DrawMenuBar
LoadIconA
CharNextA
LoadCursorA
GetMenu
LoadBitmapA

Exports

Exports

00rvSfzRQ5J
_e0hhABxKcZU@20
_WzaysJHTYL
_4IS5qR

Sections

.text
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ