129b86be6fbef3f0ae99077c7efe6e76_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

129b86be6fbef3f0ae99077c7efe6e76_JaffaCakes118
Size

67KB
MD5

129b86be6fbef3f0ae99077c7efe6e76
SHA1

ea88b7816a0afa3b79fa76c09e2f39398a3ccce8
SHA256

e20d64f41bc85ad9e1e63564e8919e5640cc324e003fa9676a6721c4b4890b8c
SHA512

106b50afa9269a839541af1b93016fdd15d21d9b74bde45a43d17f150677d9298acfb47faa5dfc334d4e8467fa43847f9855bcaaaee41c5e198444dc595216c5
SSDEEP

1536:62KcI8MplEy3UUB5gOAjzSfPZiE7vC8qGNFBp8fIrmlD0z:62QnEy3UUB5gO7iACPmFBp8fk2s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
129b86be6fbef3f0ae99077c7efe6e76_JaffaCakes118

Files

129b86be6fbef3f0ae99077c7efe6e76_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9a45fcbb20b330d3ae706c4122e47aec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CreateWindowExA
GetSystemMetrics
MsgWaitForMultipleObjects
MoveWindow
WindowFromPoint
LoadBitmapA
LoadCursorA
GetWindowTextLengthA
GetMenu

kernel32

IsBadReadPtr
GetStartupInfoA
GetProcessHeap
VirtualAllocEx
GetStringTypeA
LoadLibraryA
GetStdHandle
ExitProcess
GetCommandLineW

comdlg32

FindTextA
GetFileTitleA
GetSaveFileNameA
ChooseColorA
GetOpenFileNameA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA

shlwapi

SHStrDupA
PathGetCharTypeA
SHEnumValueA
SHQueryValueExA
SHDeleteKeyA

Exports

Exports

_cl9N6tV@24
_BCor9OUb
_FkQ_G7FrLQha1M@12
_ILxyE

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ