04aa83136f352ce69359f228e63cbab6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

04aa83136f352ce69359f228e63cbab6_JaffaCakes118
Size

123KB
MD5

04aa83136f352ce69359f228e63cbab6
SHA1

5edc6bf7375b27f449d92c8b595b8534c9797e6b
SHA256

de502548fa0cc38a9d0a0123cb1b9916baac3a4d0461a095823181e09bb0a623
SHA512

da54f7e47439d4b13cf5e12661898b2464ede4120653b56bf337e19316ae6c852835d6446166428908b508340f2b64f90eea6f272ad83913b4dc687739001088
SSDEEP

3072:o6dUwZLqFpOmAS+QowN+2oNmHD9Egg3n6:GwZtQowNwahpgX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04aa83136f352ce69359f228e63cbab6_JaffaCakes118

Files

04aa83136f352ce69359f228e63cbab6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ca9a71a5142671e60e98d85d0f9d3e56

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetBkMode
GetBitmapBits
CreateFontIndirectA
GetBkColor
GetDIBits
SetPixel
CreateCompatibleDC

advapi32

GetLengthSid
RegQueryValueA
RegDeleteKeyA

comctl32

ImageList_DragShowNolock
ImageList_Remove
ImageList_Write
ImageList_Create
ImageList_Read
ImageList_Add
ImageList_GetBkColor
ImageList_DrawEx
ImageList_Destroy

kernel32

ResetEvent
SetFilePointer
ReadFile
GetProcessHeap
SetEvent
SetEndOfFile
SetErrorMode
IsBadReadPtr
LoadLibraryA
VirtualAllocEx
ExitProcess

user32

GetIconInfo
GetForegroundWindow
GetMenu
LoadCursorA
GetFocus

Exports

Exports

_5KdCM@24
vsUKoMtBsO@12

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ