273612affc1800bd489edda98dcf2b3a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

273612affc1800bd489edda98dcf2b3a_JaffaCakes118
Size

73KB
MD5

273612affc1800bd489edda98dcf2b3a
SHA1

291b73c9e6f7c0b9933f5f388d0f6114554da06d
SHA256

4806262a79e4c9437d2c64fa834543b7f6ff00e55a0645a6f7c91ba2b7192655
SHA512

30c800e4237dafab162fd4d366458041098c51fd3689f7cd27054b81c8c57e4332ac3db9ccf01de9301247dc7b7e8fc3fc678026102c9cd1dc3fc23201a5fc61
SSDEEP

1536:ePR/tH5CdwfwZgRG3sV7llkrvS4TmQfYMz/+nVRTqlW:ePR/z1YZgRGIlkrFBfYMz/+iW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
273612affc1800bd489edda98dcf2b3a_JaffaCakes118

Files

273612affc1800bd489edda98dcf2b3a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

449a539e4ca15d4572b16ca5b73ad74a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetThreadLocale
ExitProcess
GetModuleHandleA
CloseHandle
GetProcessHeap
ExitThread
GetOEMCP
VirtualAllocEx
GetCommandLineW
LoadLibraryA

user32

GetWindow
CharUpperA
DefWindowProcA
GetSysColorBrush
GetCursor
GetMenu
GetWindowTextLengthA
CreatePopupMenu
DefMDIChildProcA
DefFrameProcA

Exports

Exports

_VXIrNCMye0FQWB
_Xq8LBA@24
_mpfEbE0D@8
ZUbDF6Xd2
_wiJFp6

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 451B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data
.rdata
.rsrc/0/DIALOG/TEXTFILEDLG
.rsrc/0/MANIFEST/1
.xml
.rsrc/0/RCDATA/DVCLAL
.rsrc/0/STRING/4094
.rsrc/0/STRING/4095
.rsrc/1033/BITMAP/BBABORT.bmp
.rsrc/1033/version.txt
.text