135b325383658a810a975dafd8f603cd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

135b325383658a810a975dafd8f603cd_JaffaCakes118
Size

298KB
MD5

135b325383658a810a975dafd8f603cd
SHA1

5d735b9cc1eb6adb011eb39063120237c24b4755
SHA256

cbcd5becdb36b8e1d8cd77c977da8911b5b0264c279189a79bf9adb2f2e54feb
SHA512

6e94d5ba4598fa54800a42f654b1d6368897984ae72577bdb23635ab6695c3b8ae17ebb18ea5ca91a0954b110fe50402a2d7785da2768702670a6504599616a7
SSDEEP

6144:8uen8Vl6QQDWVoiA5i6biH81QWGivEdy1P2AQbEqE6FgATAQ:9nlQDmci2iH81QWo8523bFFTsQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
135b325383658a810a975dafd8f603cd_JaffaCakes118

Files

135b325383658a810a975dafd8f603cd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7708ec8b62b0be3c86629594994b1a86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindAtomA
GetCurrentThreadId
InitializeCriticalSection
CreateEventW
lstrlenW
LocalFree
LoadLibraryW
GetPrivateProfileStringA
SuspendThread
TlsGetValue
WriteFile
GetEnvironmentVariableW
LocalFlags
HeapCreate
GetCurrentProcessId
ResumeThread
GetConsoleAliasA
GetDriveTypeW
GetNumberFormatA
FindClose

user32

CallWindowProcW
GetSysColor
GetClientRect
DrawStateW
SetFocus
IsWindow
GetSysColor
DrawTextA
EndDialog
GetClassInfoA
DispatchMessageA
GetKeyboardType
CreateWindowExA

srclient

EnableSR
EnableSR
EnableSR
EnableSR
EnableSR

clbcatq

DllGetClassObject

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 424KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 288KB - Virtual size: 287KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ