e88b5432d7fb0ed0907ca8228ae102cd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e88b5432d7fb0ed0907ca8228ae102cd_JaffaCakes118
Size

7KB
MD5

e88b5432d7fb0ed0907ca8228ae102cd
SHA1

b8e33f8e3d8fe0bb228e223bf08017c2f1d9e0b8
SHA256

bb0c06930d2d8c949b60591142c458c5a9a3564f40d285aac5ca9e712be732c1
SHA512

8c0e99d135b254b8cd7284675eb301effb5eb6e2366f85a5e9302f5311b489e6a8f697f894d505ead703bc2992228a4c782b3bf045d19236e3c17a457d1d239c
SSDEEP

192:VhIWtRK/5hwWREvcSaH14QJh59NpJU7W:Ltc/TfRccSo13VjU7W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e88b5432d7fb0ed0907ca8228ae102cd_JaffaCakes118

Files

e88b5432d7fb0ed0907ca8228ae102cd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7ec0dd99505187cb26c904e0dcc6dcb5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
CloseHandle
FindFirstFileA
CreateProcessA
lstrcatA
GetStartupInfoA
FreeLibrary
LoadLibraryA
CreateDirectoryA
Sleep
CreateFileA
GetProcAddress
DeleteFileA
ReadFile
SetFilePointer
GetFileSize
GetTempFileNameA
GetSystemDirectoryA
GetModuleFileNameA
GetTempPathA
GetShortPathNameA
GetLastError
CreateMutexA
lstrcpynA
HeapAlloc
GetProcessHeap
HeapFree
lstrcmpiA
ExitProcess

user32

GetCapture
wsprintfA
GetActiveWindow

gdi32

GetBkMode
CreateCompatibleBitmap
GetBkColor
CreateCompatibleDC
GetBrushOrgEx

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 77B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE