138814507a11282b0c6200193b66080a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

138814507a11282b0c6200193b66080a_JaffaCakes118
Size

330KB
MD5

138814507a11282b0c6200193b66080a
SHA1

0bada582ad6c2c46367af20740b7ba29bf9f0e3f
SHA256

6ba3282a4829b62b6644de1e276fef382595389332044d3e2c70483540f1ba64
SHA512

9be2ebf6799a19f922a3062ed8ba8adf96068c00eed71946b04f03a7b7986642904e29243381318db1ac9ae3d5dd3cbcb14d77f00bc85591198533e7529a0c60
SSDEEP

6144:QQtZJKXzL5vOTiIIWPkHHScTXuXY6ZzIqQFM1TAP4ClREfJo4SKb3gxqF7B:QQtDKNOT5PmDIpZsqNNAP4ClREZNb3Oa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
138814507a11282b0c6200193b66080a_JaffaCakes118

Files

138814507a11282b0c6200193b66080a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d6ce794ba6b0e3425e7911c33ebf6d18

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion
VirtualProtect
SetConsoleCP
HeapReAlloc
LoadLibraryExA
CloseHandle
SuspendThread
GetStdHandle
GlobalUnlock
WaitForSingleObject
lstrlenA
WaitForMultipleObjects
GetSystemDefaultLangID
GetAtomNameA
GetConsoleCP
InterlockedExchange
HeapCreate
CompareFileTime
GetCommandLineA
GetModuleHandleA
GetTickCount

user32

DispatchMessageA
DialogBoxParamA
SetWindowPos
GetDlgItem
SetPropA
SetScrollInfo
GetKeyState
InvertRect
FillRect
FindWindowA
EnableScrollBar
DestroyMenu
CreateMenu
GetKeyboardLayout
CreateIcon
DrawCaption
InsertMenuA
IsDialogMessage
GetCursorInfo
DragObject
CopyImage

advapi32

RegCloseKey
RegEnumKeyA
RegCreateKeyExA
RegEnumValueA
RegQueryInfoKeyA

apphelp

ApphelpCheckExe

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 744KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ