17d0d75b80fc1d2ef3f150141606b1b3_JaffaCakes118 | Triage

Sharing

General

Target

17d0d75b80fc1d2ef3f150141606b1b3_JaffaCakes118
Size

138KB
MD5

17d0d75b80fc1d2ef3f150141606b1b3
SHA1

c956ed451f42ef51f211b11e29ec7d73e958f674
SHA256

09a6cb94dce3fe1a019ee5c145bf36cf90135fcb25f2bc411a9b035955bb1fea
SHA512

0c4b86bad1b810632eb3eae73a588427b35b0a929f64451f0ba0e9587f0709fa3e16a3d72675159a605238af79c389490581003e76a109f15adab8036bb9f29b
SSDEEP

3072:0VW4e2n27gAMnAnl5pYgtpMzxie6k5JaqlZw5CKnK+7:0VpPAMnMjkUe9vlZhKnX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17d0d75b80fc1d2ef3f150141606b1b3_JaffaCakes118

Files

17d0d75b80fc1d2ef3f150141606b1b3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bd0e2186fc1cadb630976c4296069cb4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSection
HeapFree
LoadResource
GlobalFindAtomA
ExitProcess
LoadLibraryA
LocalAlloc
VirtualAllocEx
HeapAlloc
IsBadReadPtr

comctl32

ImageList_GetBkColor
ImageList_Write
ImageList_Add
ImageList_Destroy
ImageList_DragShowNolock
ImageList_Create
ImageList_Remove
ImageList_Draw
ImageList_Read
ImageList_DrawEx

user32

IsMenu
GetMenu
GetTopWindow
GetDlgItem
CharNextA
GetIconInfo
GetForegroundWindow

version

VerFindFileA
VerQueryValueA

advapi32

RegCreateKeyA

Exports

Exports

_MjQRARiFNKaWbr@20
_FM2gwR
_SEtnYE7Ob

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 123KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ