136b2f690f3059d647b09d049b362ed4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

136b2f690f3059d647b09d049b362ed4_JaffaCakes118
Size

87KB
MD5

136b2f690f3059d647b09d049b362ed4
SHA1

d127b08888c9bb7a18dcba0055c2124284ddaf11
SHA256

1de8e23a0365fb00a11d44b22eebc4637accd5a137a79a91d005dfc15ca1e496
SHA512

892b128686f4383ca15913648e504914d27cf2a7bdc0ecbe5357a3d90e75274e3f78c93b5c58c1c865d98348161a90de8a9bdf51902eebca2be8805074ccf137
SSDEEP

1536:TMHX31hEEK3VB9VKD0qLMjM0c7APvfgJkelN54PDh+LHNneKEO52Ns2ncqFBVP:QLEEK3VLVKD0RMrQv4Gw4GtneKEO5i

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
136b2f690f3059d647b09d049b362ed4_JaffaCakes118

Files

136b2f690f3059d647b09d049b362ed4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1079a07dfa22b1e4033d51991cbe028a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushFileBuffers
SystemTimeToFileTime
GetCurrentProcess
GetProcAddress
GetFileAttributesW
GetVersionExA
lstrcpyn
GetModuleFileNameW
GetComputerNameA
GetModuleFileNameA
CompareStringW
WinExec
GetModuleHandleA

user32

RegisterClassExA
LoadCursorW
ReleaseDC
RegisterWindowMessageA
MoveWindow
GetForegroundWindow
UpdateWindow
DestroyWindow
LoadMenuW
GetCapture
GetDlgItem
RegisterClassExW
IsWindowEnabled
GetWindowRect
DrawIcon
SetCapture
LoadBitmapA
GetDC
SetTimer

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 498B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ