e27556d153b676db7f3bdf415990e109_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e27556d153b676db7f3bdf415990e109_JaffaCakes118
Size

636KB
MD5

e27556d153b676db7f3bdf415990e109
SHA1

2bfa915d180f12dba31dc04b79926115e413ab3d
SHA256

80a303b7aa3cd64e491ab99588561600cca94da743cde1a9a653f80bbebd1de0
SHA512

92b4c2d132e2cf9371ded39e7f6517ed32f4e28a08928e85d259ea1e23d518789dbbde960eff4af53f96a212c64f5b30c13f9f5270ea9ddc335728e2c4297395
SSDEEP

12288:+kxkB3WHQjD4JIVhFpDT0o63+wiaAslHUX5DeBEhpe6VGb5+cSABkz6:+RUwD4JSFpJ6OwiaXHUqEhQDbETABk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e27556d153b676db7f3bdf415990e109_JaffaCakes118

Files

e27556d153b676db7f3bdf415990e109_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4813a1129e4f7eeded759a36c07ddd3d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleCP
GetTickCount
SetConsoleCP
GlobalUnlock
GetModuleHandleA
CloseHandle
CompareFileTime
GetStdHandle
VirtualProtect
lstrlenA
LoadLibraryExA
GetSystemDefaultLangID
GetCommandLineA
HeapReAlloc
GetAtomNameA
GetVersion
HeapCreate
WaitForMultipleObjects
WaitForSingleObject
SuspendThread
InterlockedExchange

user32

GetCursorInfo
EnableScrollBar
InsertMenuA
DragObject
GetKeyboardLayout
IsDialogMessage
DestroyMenu
DispatchMessageA
GetDlgItem
FindWindowA
SetPropA
FillRect
SetWindowPos
CreateMenu
DialogBoxParamA
CreateIcon
SetScrollInfo
CopyImage
DrawCaption
GetKeyState
InvertRect

advapi32

RegEnumValueA
RegQueryInfoKeyA
RegEnumKeyA
RegCloseKey
RegCreateKeyExA

uxtheme

GetThemeColor

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ