e2aa0cf64e08138be86836c6f293f963_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e2aa0cf64e08138be86836c6f293f963_JaffaCakes118
Size

17KB
MD5

e2aa0cf64e08138be86836c6f293f963
SHA1

3e48644fdc09bb57c946b490dd464ec4a39d166b
SHA256

e7c687a1f07e04770a8a7cd5a8fd425ce7a837f55802407b03ab48883c8a776e
SHA512

f9c71b6721d45e26c87959358825a2fdc9208863c324a1153217677705f6b0c82315c8eb3544c85b2bbcfc6382535973ce04d6cb7c0ac81024c56bbf0569828d
SSDEEP

192:JTtTTPMHS4zTBFq7cuvdUkciv0svTF7QPt8MrQ0GFSnHQM5yTg5:JVPnwFXuvRB8svTFEV8MrCuQq2g5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e2aa0cf64e08138be86836c6f293f963_JaffaCakes118

Files

e2aa0cf64e08138be86836c6f293f963_JaffaCakes118
.exe windows:4 windows x86 arch:x86

515978b55dd768a04d97524fca06c419

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

1eleaseMutex
1etEvent
1lsFree
1etThreadLocale
1utputDebugStringA
1strcatA
GetConsoleCP
GetUserDefaultLangID
lstrcpyA
GetThreadTimes
IsDBCSLeadByte
GetModuleHandleA
GetNumberOfConsoleMouseButtons
VirtualAlloc
GetOEMCP
GetThreadPriority
GetExitCodeThread
EnumCalendarInfoA
GetDefaultCommConfigA
PulseEvent
TlsGetValue

user32

ReleaseDC
CloseWindow
RegisterClassA
GetFocus
GetClassNameA
IsIconic
GetForegroundWindow
IsWindowVisible
GetWindowTextA
GetSystemMetrics
GetWindow
ValidateRect
GetWindowTextLengthA
InvalidateRect
ShowWindow
GetDC
GetActiveWindow
GetClassInfoExA
ReleaseDC

tapi32

MMCSetLineInfo
MMCInitialize
MMCSetServerConfig
MMCShutdown
MMCSetPhoneInfo

mlang

DllGetClassObject

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ