51f3157b66c3ead63211b04ddcc95ef7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

51f3157b66c3ead63211b04ddcc95ef7_JaffaCakes118
Size

206KB
MD5

51f3157b66c3ead63211b04ddcc95ef7
SHA1

15e039e308fb246c43806a45acc8432d8be3fe68
SHA256

db04231348ca91e6c43ccb235106435546c7ae3ef6d1ff6759f99bb932ea32c5
SHA512

3a6f4dc7a5b0c77fd31b8ec01cfb121431a027eb19c061bd6d7db7eeb692afa34fddc8a9687c2a722a23505e161174f80be4675ac44ead2a041ab56a3efd598c
SSDEEP

6144:QOE0uuVK9uzOLapTiFVfJ/QiNdND1Wk4bH:u0fRoFVR/QiLvW7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
51f3157b66c3ead63211b04ddcc95ef7_JaffaCakes118

Files

51f3157b66c3ead63211b04ddcc95ef7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ab3f4e8910c54eead07c9aa58a0ee425

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetDIBColorTable
BitBlt
GetClipBox
GetDCOrgEx

advapi32

RegEnumKeyExA
RegOpenKeyA
GetUserNameA
RegLoadKeyA

kernel32

LoadLibraryA
VirtualAlloc
GetProcessHeap
GetProcAddress
GetStartupInfoA
IsBadHugeReadPtr
ExitProcess
GetCommandLineW

ole32

StringFromIID
GetHGlobalFromStream
CoGetObjectContext

user32

ReleaseCapture
GetSysColorBrush
LoadBitmapA
RemovePropA
RemoveMenu
DrawMenuBar
ReleaseDC
EnableWindow
ScreenToClient
GetMenu
ScrollWindow

Exports

Exports

_r21_FRQ@12
P782m4J
ChXTJ65E
_IgwR7cFkOQ@12

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 189KB - Virtual size: 189KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ