0476fa78a0b7055ff35227de51e27f4e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0476fa78a0b7055ff35227de51e27f4e_JaffaCakes118
Size

138KB
MD5

0476fa78a0b7055ff35227de51e27f4e
SHA1

b419f297596e214abb6f98b39f2bcaa895637151
SHA256

1a1d8ccb7a3e6e2010665ad2c5a49cd54c6a46a6076644e1515fc8c2004bc5f1
SHA512

14a730c5e616a09126fdb83414333e2036ea625f2123b640bcc2e95a7805819d6d5f9b5addbc05435aa81105437006caf73643faf8c2b55fb94bc14a8182d457
SSDEEP

3072:0VW4e2n27gAMnAnl5pYgtpMzxie6k5JaqlZw5CKnK+J:0VpPAMnMjkUe9vlZhKnX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0476fa78a0b7055ff35227de51e27f4e_JaffaCakes118

Files

0476fa78a0b7055ff35227de51e27f4e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bd0e2186fc1cadb630976c4296069cb4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSection
HeapFree
LoadResource
GlobalFindAtomA
ExitProcess
LoadLibraryA
LocalAlloc
VirtualAllocEx
HeapAlloc
IsBadReadPtr

comctl32

ImageList_GetBkColor
ImageList_Write
ImageList_Add
ImageList_Destroy
ImageList_DragShowNolock
ImageList_Create
ImageList_Remove
ImageList_Draw
ImageList_Read
ImageList_DrawEx

user32

IsMenu
GetMenu
GetTopWindow
GetDlgItem
CharNextA
GetIconInfo
GetForegroundWindow

version

VerFindFileA
VerQueryValueA

advapi32

RegCreateKeyA

Exports

Exports

_MjQRARiFNKaWbr@20
_FM2gwR
_SEtnYE7Ob

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 123KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ