0436f365a3ca1616bb2302d8034f3f9a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0436f365a3ca1616bb2302d8034f3f9a_JaffaCakes118
Size

117KB
MD5

0436f365a3ca1616bb2302d8034f3f9a
SHA1

4c66f4ea4584ae97301bc0b8fda22d6cc0c58f55
SHA256

e5440b4b4b7cb05415e5b9b853c4d361bbce3736de3f228dae7aa88bd8084ae8
SHA512

524e31fd1409e05dff3561a85a83175ca8685aa778343320ec108eac495599456e7164bce11a8ebe3d3f6908c09c00795bb97f40854f6545e59737fe8185da8d
SSDEEP

1536:3Iu/9WHkduW04U+LlTNBvpBNCVHzPFvfSb0ooUAaWKhoih:3IuXeYdpBNgP1f60Kfh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0436f365a3ca1616bb2302d8034f3f9a_JaffaCakes118

Files

0436f365a3ca1616bb2302d8034f3f9a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c309c6a5d500959e885e654b165cb685

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

AppendMenuA
AlignRects
DrawTextW
GetDlgItem

advapi32

RegQueryValueW
RegCreateKeyA
RegOpenKeyExA
RegOpenKeyW

kernel32

OpenFileMappingA
CompareStringA
FormatMessageA
FlushFileBuffers
ExitThread
lstrcmpA
HeapAlloc
lstrlenA
DeleteFileW
WriteFile
GetStdHandle
GetCommandLineA
ExitProcess
GlobalFree
GetCPInfo
ReadFile
FindClose
GetLocalTime
FreeResource
GetFileTime
GetLastError
OpenFile
CreateDirectoryA

Sections

.1gf6
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.420a
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.373a
Size: 55KB - Virtual size: 366KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.4a31
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ae94
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ