466d7df8a2a7612ba515ae024fabfa45_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

466d7df8a2a7612ba515ae024fabfa45_JaffaCakes118
Size

66KB
MD5

466d7df8a2a7612ba515ae024fabfa45
SHA1

a45c3bbc451286a3daea3789b1ec44800ff207a3
SHA256

9c08c202e290e6ebce26b7aa8f235a23b110fd7daf8a24b43fe4d09ab18524be
SHA512

b51eb251e5560819ec4c38cfc059a1a56bb2b9f985d36e2b4bd6e8cce3b07c320a3156e7471701c2c082cb368b64638049b727c443c0b82a70cb767aec1d6d0a
SSDEEP

1536:LGPAqacKjTakbpMRk67NN5LYoQGVlrTz7oS:CPiciTakbGk67NEoQulZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
466d7df8a2a7612ba515ae024fabfa45_JaffaCakes118

Files

466d7df8a2a7612ba515ae024fabfa45_JaffaCakes118
.exe windows:4 windows x86 arch:x86

10881888e1797cd4abd256ce3460b430

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegLoadKeyA

gdi32

SelectObject
LineTo
RestoreDC

kernel32

GetLocaleInfoA
ExitProcess
IsBadHugeReadPtr
VirtualAllocEx
LoadLibraryA
GetModuleFileNameA
GetModuleHandleA
GetLocalTime
GetLastError

comctl32

ImageList_Read
ImageList_Write
ImageList_Create
ImageList_DrawEx
ImageList_Remove

user32

PostQuitMessage
IsWindowUnicode
RedrawWindow
CharLowerA
RegisterClipboardFormatA
IsCharLowerA
GetWindow
PtInRect
GetMenu
RegisterClassA

Exports

Exports

_CFquxlV
_4kupw
P19tk7hX
GLxA7OmKw

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ