137c7d3e305c9573949fbe8c68f79fee_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

137c7d3e305c9573949fbe8c68f79fee_JaffaCakes118
Size

325KB
MD5

137c7d3e305c9573949fbe8c68f79fee
SHA1

35ae1e97756e2d59d5d4685c5b7be25bc0112e5f
SHA256

b098365a4055520f79d203c95151184f9937ab460da37e2ef4ad69b5633a608c
SHA512

40509366e36b9960a842abcc153e44fbfab00497da7c3cc73d10df8abf6cc1fa2d8fb0cf236404c6a43d98a9ff1194066bd6d072e8e2b8467bce079f66cce155
SSDEEP

6144:IkyfOi0atwgIGXeOpDBa1l49KpX1KhHlziMMQjHxgCM:ofP01geBDCJlS+HxJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
137c7d3e305c9573949fbe8c68f79fee_JaffaCakes118

Files

137c7d3e305c9573949fbe8c68f79fee_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e5af061f3519521843da029c448837f5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetThreadDesktop
DialogBoxParamA
GetActiveWindow
EnumDisplaySettingsA
GetWindowThreadProcessId
IsCharAlphaA
MessageBoxA
GetScrollInfo
SetWindowTextA
SetDlgItemTextA
EnumWindows

ole32

CoGetCallerTID

comctl32

ord17

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

kernel32

GetTickCount
GetLocalTime
IsBadWritePtr
SetFileAttributesA
GetDateFormatA
GetTimeFormatA
InitializeCriticalSection
DeleteCriticalSection
LocalAlloc
LocalFree
IsValidLocale
HeapDestroy
IsBadReadPtr
FreeLibrary
LoadLibraryA
GetProcAddress
HeapAlloc
ExitProcess
HeapCreate

Sections

.text
Size: 320KB - Virtual size: 320KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ