440b1e4a7cc4461aceeba488acf0a8e2_JaffaCakes118 | Triage

Sharing

General

Target

440b1e4a7cc4461aceeba488acf0a8e2_JaffaCakes118
Size

129KB
MD5

440b1e4a7cc4461aceeba488acf0a8e2
SHA1

18edec476ba53f15da5150f2d30141ee9da444c5
SHA256

ac359eea83ae1334b6d03a58af5666508dd103d6543285d6d8574f63fe540d35
SHA512

38f1e53d59cfb61095821df9c45c41161aa103eb9f323de367d58dc5d04f1a674cae27f054d942f3909b9ed3e61dc76fca9cf0599b8478585cfc43f3f971377d
SSDEEP

3072:gimU5U+ASQRKNJa8EfwdUxZBM7067a+i8NY45s1:gnMASQyJanRBM7Zi8Nhs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
440b1e4a7cc4461aceeba488acf0a8e2_JaffaCakes118

Files

440b1e4a7cc4461aceeba488acf0a8e2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

26c75ef11851f9ada706ceff6d19cf2c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_DrawEx
ImageList_Add
ImageList_GetBkColor
ImageList_Draw
ImageList_Read
ImageList_Create

gdi32

RestoreDC
SaveDC
SetPixel
SelectObject
GetTextAlign
GetBkColor

user32

GetKeyNameTextA
GetDlgItem
GetForegroundWindow
GetMenu
GetIconInfo
GetKeyState
GetFocus

kernel32

VirtualAlloc
VirtualAllocEx
IsBadHugeReadPtr
GetEnvironmentStrings
GetFullPathNameA
GetProcessHeap
GetFileAttributesA
GetFileType
GetDiskFreeSpaceA
GetFileSize
LoadLibraryA
ExitProcess

shlwapi

SHQueryInfoKeyA
SHStrDupA
SHEnumValueA
SHQueryValueExA

Exports

Exports

lOgmCbspJq@8
_gGYb_veWPrLs
_7tRTKqSApIt
8BhrtRDuq9b8c@8
lP0_1uMscS3kr

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ