125b784aa6563f2a9b54bb9144dfb71e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

125b784aa6563f2a9b54bb9144dfb71e_JaffaCakes118
Size

219KB
MD5

125b784aa6563f2a9b54bb9144dfb71e
SHA1

e62b4fb284942c0bf7a71623eb8a11ded758274f
SHA256

bd2c6a6ff92cf91c5a308b730621fc6cff17aef05c0db30b1769501bd415aad0
SHA512

cbedc35910b2e69fc4bb646184baf3ae04f15a17e2df9f8a060d48e41a8c88919350e82d10c717d3d7cbf4f50c725dde744c099d7cddaad9ecaf35887e61a3ec
SSDEEP

6144:mYWyM805Ax96qHWonKDcre2um4F6VgpOSAI4Ii2w:vWa96mWonKDpK4FOgp7N4Br

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
125b784aa6563f2a9b54bb9144dfb71e_JaffaCakes118

Files

125b784aa6563f2a9b54bb9144dfb71e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8bde5e23a6e78b4c3b83410c688de36a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DestroyMenu
GetMenu
GetWindowDC
DestroyIcon
DeleteMenu
DestroyCursor

kernel32

lstrcmpiA
ExitProcess
MoveFileA
VirtualAllocEx
lstrcatA
LoadLibraryA

Exports

Exports

oXD_yPd0
d0SMiE@12
_iKNeCClkAdmI@24
NW1xhhxoemv@8

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 454B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 197KB - Virtual size: 197KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data
.rdata
.rsrc/0/DIALOG/TEXTFILEDLG
.rsrc/0/MANIFEST/1
.xml
.rsrc/0/RCDATA/DVCLAL
.rsrc/0/STRING/4094
.rsrc/0/STRING/4095
.rsrc/1033/BITMAP/BBABORT.bmp
.rsrc/1033/version.txt
.text