55ba099a52e0713475f406a9cd0a6ece_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

55ba099a52e0713475f406a9cd0a6ece_JaffaCakes118
Size

131KB
MD5

55ba099a52e0713475f406a9cd0a6ece
SHA1

931f8919136c2896e027aceec983b20b3e47ca72
SHA256

c08cbbd98dd59c74fe0ebcf7c09c350817970ffea3d66b9b1ee510e55de4cde7
SHA512

c20290dd00088dc999c55588dfaa86f358571c365a3bff92727e155a930fcb73addb718bed096c72164ff033f9b5edaa80b9fc4f62e53555dd0a5e5c7263897f
SSDEEP

3072:L7okObveISW9HF8hDXT3AnuB61Vbsdka+YR:v7Oje638lkuB618+Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
55ba099a52e0713475f406a9cd0a6ece_JaffaCakes118

Files

55ba099a52e0713475f406a9cd0a6ece_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ee95db37074c842d63ce038f6da8a24b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CharToOemA
CharNextA
GetSysColorBrush
GetMenu
CharLowerBuffA
CharNextW
CharUpperBuffA
IsChild
CheckMenuItem

kernel32

LocalAlloc
lstrlenW
GetCurrentThread
lstrlenA
IsBadReadPtr
VirtualAllocEx
GetCommandLineW
LoadLibraryA
ExitProcess

msvcrt

memcpy
atol
malloc
wcscspn
_acmdln
sqrt
exit
mbstowcs

version

GetFileVersionInfoSizeA
VerQueryValueA

gdi32

CreateCompatibleBitmap
GetBkColor
RestoreDC
GetCurrentPositionEx
SelectObject
CreateBitmap
GetRgnBox
CopyEnhMetaFileA

Exports

Exports

DelB3TUcZQErv
_3JpOzQPU3@4
KDJgC5

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ