063507ebd68aae1b76d08e1ec565dafa_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

063507ebd68aae1b76d08e1ec565dafa_JaffaCakes118
Size

63KB
MD5

063507ebd68aae1b76d08e1ec565dafa
SHA1

278a01e0bfd96b69b041f9a5c9fb1d26f2c2f2f0
SHA256

a21032aca916e6ece403249d1bc7f2d0afa16faa90ebdb99fc2dd73eea6267e5
SHA512

e2edcf1c2d1887b5ad2381fd29ac49c87b337ebf1aef5c2b60ff4fb95f41a6ed1006f64ef83f3a87a53d6c4e50d48e1f691c6d36d0d4eb9be567b99a9b2b2b9e
SSDEEP

1536:uufg6xNUQs0ZEjMPcqHmbBhvI1qWfiuv7tPS0xLDTk:x3xNvaIPk+qWpL1Tk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
063507ebd68aae1b76d08e1ec565dafa_JaffaCakes118

Files

063507ebd68aae1b76d08e1ec565dafa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7c3c81c20b3a83a6b12dc984bdc16b5c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetScrollInfo
GetSubMenu
GetScrollPos
CharLowerA
GetPropA
GetCapture
IsWindowEnabled
GetScrollRange
GetCursor
GetMenu

kernel32

VirtualQuery
LoadLibraryA
GetProcessHeap
VirtualAllocEx
WaitForSingleObject

oleaut32

SysAllocStringLen
SysStringLen
SafeArrayPtrOfIndex
VariantChangeType
SafeArrayGetUBound
RegisterTypeLib
SafeArrayCreate
SysReAllocStringLen
VariantCopyInd
SysFreeString

gdi32

CreateBrushIndirect
CreateCompatibleDC
SelectPalette
GetDIBColorTable

Exports

Exports

d8mFDMC8
zXyrHd@24
N9It4VWL@8
PtNHc
L26kJXPRMU
_vaRRvJ7
zFUYWG@8
_Qqrrbod@12
_aPNvF@24
_Gzibf6nPd
__fQH1F
qylZ_6LOX
rcKG76r4JzY
XmbdhUfcGn@16
_2DZaZIIvXW87@4
_uSkun8j2ofF@12
jzn0XtkJ0BMQF

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ