27edb13a6edad5f16bcbb10157d64c48_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

27edb13a6edad5f16bcbb10157d64c48_JaffaCakes118
Size

210KB
MD5

27edb13a6edad5f16bcbb10157d64c48
SHA1

0ccc8b320d1bd4d9b14b47aa3ef8f884272a2306
SHA256

bb15d73dab8a1add7c8fcb48204fad3c16ce28dd6b44cd211895ebb06a31a901
SHA512

b381d396ad798f90495f4a13a6c7b9e42cfb0aeaa171763d058817e245d6df3a09c61ffb5180f4ae8ef05cc92db82697b4d76803b2eeb1eb69bbd79cfee718c5
SSDEEP

6144:ZuwY6xgNsEv2Ucx6sdmfaO5XMynGh1TTz/OBJ:8H9nlsYX5XMUi1PzA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27edb13a6edad5f16bcbb10157d64c48_JaffaCakes118

Files

27edb13a6edad5f16bcbb10157d64c48_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5c528b17cef75ebeadd854b2f9b250eb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CharUpperA
IsCharUpperA
ChildWindowFromPoint
CreateIcon
CreatePopupMenu
GetMenu
CreateMenu
LoadBitmapA

gdi32

RestoreDC

version

VerFindFileA

kernel32

GetOEMCP
VirtualAllocEx
GetThreadLocale
LoadLibraryA
ExitProcess
LoadLibraryExA
LockResource

Exports

Exports

0dpfG
aywWdh2@12
eGuUhe8w@4
VIAJ1@4
_duNZNVaP8M5E3
_uFT1FHA4Uu
_LsQD6TF@4
4ZqEPlR_CYWjE@8
_tO9Jo8Bi7cFwz@24
qVwXSl
_YSolh_aS6
_ipWt5euYiSdICt
_UuqfD@4
_00JTv
pD89bKGqum@24
SESP53wg
NjvfaHqT

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 193KB - Virtual size: 193KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ