0afeaa2d24e353d1703709702e89ebb1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0afeaa2d24e353d1703709702e89ebb1_JaffaCakes118
Size

213KB
MD5

0afeaa2d24e353d1703709702e89ebb1
SHA1

3faa44ac8bd7f47ff4180751bc07c7f657637ee4
SHA256

f6e7c5232f01e695f7fbc03d8566e09f94a6e44a888a4c3c4c0b0de1fb786cfe
SHA512

55248a45bd50eedf24e80de529e3ee1f4fa85573984527cac6ca00463a72fd2a8fa2ca910c157191676fea361e109ebd0181fa63edfe68f8a8ce90e1ee193911
SSDEEP

6144:KwyNcKnABDZwmufZ1bJrPPmJeAjEehcI:FdBledJr3mMCf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0afeaa2d24e353d1703709702e89ebb1_JaffaCakes118

Files

0afeaa2d24e353d1703709702e89ebb1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e473d2d7fd34d63b9f78e38d43e99cfb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetOpenFileNameA
ChooseColorA
FindTextA

user32

GetIconInfo
GetDCEx
GetSysColorBrush
CharLowerA
GetForegroundWindow
GetMenuItemCount
IsCharUpperA
GetMenu
IsZoomed
GetCapture
GetDesktopWindow

kernel32

EnumCalendarInfoA
Sleep
VirtualAllocEx
ExitProcess
EnterCriticalSection
GetFileAttributesA
GetStartupInfoA
lstrcmpA
GetStringTypeA
GetEnvironmentStrings
CreateFileA
MulDiv
MoveFileExA
GetTickCount
CompareStringA
GetThreadLocale
GetCurrentThreadId
IsBadReadPtr
GetLocalTime
GetLocaleInfoA
CreateThread

gdi32

SelectPalette
GetPixel
CreateCompatibleBitmap
CreateBrushIndirect
GetBkMode
SetPixel

shlwapi

PathGetCharTypeA

Exports

Exports

4nRvH7jHE@12
_zBv68sriiUR
VFKnyT1HE3ys@8
_Qa_f4y3epmG9

Sections

.text
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 197KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ