42fbb424acc911ab23fb5a47281c7303_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

42fbb424acc911ab23fb5a47281c7303_JaffaCakes118
Size

76KB
MD5

42fbb424acc911ab23fb5a47281c7303
SHA1

1c40db2d646dd49075713032c8afcc1ab0e2c6a5
SHA256

d469f393b364487df36548ef65bea7270818991cc4dc706cb4a7da7fe0a82362
SHA512

e8f00ca0b3c5d0192c102f61cacaf7b2136a3e6b2471f5308937be4a82488b97d2f4f0c8942f2ffbc1bdde2d7c36b3410259eed34e01dce120071b2d7b5416dc
SSDEEP

1536:T6PpRd+ZB1hwh1wDyTr+8WMEZBHuBdq29h/xkHqY/:T6xRSB1XUrZWMOHiA2X4/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42fbb424acc911ab23fb5a47281c7303_JaffaCakes118

Files

42fbb424acc911ab23fb5a47281c7303_JaffaCakes118
.exe windows:4 windows x86 arch:x86

655d59a06b63635564d64d362e5fb11e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualQuery
VirtualAlloc
WideCharToMultiByte
VirtualFree
GetLastError
VirtualAllocEx
ExitProcess
LoadLibraryA
LocalAlloc
lstrlenA

user32

GetDC
LoadIconA
UnhookWindowsHookEx
UnregisterClassA
GetActiveWindow
TranslateMDISysAccel
IsWindowUnicode
CreatePopupMenu
CreateMenu
KillTimer
SystemParametersInfoA
TranslateMessage
CharNextA
GetMenu

Exports

Exports

G7vot1skE_25wL
Uy3fXO7mwG_G
QP_jmmZ
_uGExM9BH9yZy6@16
Zj5z7qGLanBMDq

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data
.rdata
.rsrc/0/DIALOG/TEXTFILEDLG
.rsrc/0/MANIFEST/1
.xml
.rsrc/0/RCDATA/DVCLAL
.rsrc/0/STRING/4094
.rsrc/0/STRING/4095
.rsrc/1033/BITMAP/BBABORT.bmp
.rsrc/1033/version.txt
.text