05017555311081fd6bffe2d712e87e17_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

05017555311081fd6bffe2d712e87e17_JaffaCakes118
Size

124KB
MD5

05017555311081fd6bffe2d712e87e17
SHA1

ccfce407c2b7d48866af771bd37479d09a3a607c
SHA256

f37ceeddd73d8a4e2ec17efaae7f71d0dcc233d4fb033243bcf687d99273aacb
SHA512

c4153bf18e7540564c97a055411126342e49443abd8281428370411cea96939a66b78ee5d9f8310dac2f132a2afbb2963a2f1ae2938df170f29485f7b6919369
SSDEEP

3072:sVQiFcZb0nzqtuiNdiVFWF6NmQTtD7Syi/+PT5:+9nzIT4FWYpB75i2PT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05017555311081fd6bffe2d712e87e17_JaffaCakes118

Files

05017555311081fd6bffe2d712e87e17_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fb87a7c2a66f9418ff6a2dc3cb051386

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

GetErrorInfo
SafeArrayCreate

advapi32

RegOpenKeyExA
RegQueryValueExA

kernel32

GetVersion
LoadLibraryA
GetVersionExA
GetUserDefaultLCID
IsBadReadPtr
ExitProcess
GetThreadLocale
VirtualAllocEx

user32

SetFocus
GetMenu
SetCursor
IsWindowUnicode
SetClipboardData
GetDC
IsDlgButtonChecked

gdi32

LineTo
GetDIBColorTable
SelectObject
CreateDIBitmap
CreatePenIndirect
GetCurrentPositionEx
GetTextColor

Exports

Exports

_44xfFVkuSFWAr@24
_kQ7zTQjB
_7kFyZ
lh4l8LH@12
_ou7HcjAP@16

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ