e8a3baac7fe5e7f3c55fd14ce69640fb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e8a3baac7fe5e7f3c55fd14ce69640fb_JaffaCakes118
Size

646KB
MD5

e8a3baac7fe5e7f3c55fd14ce69640fb
SHA1

3ce9309e210ea285577c6a34591d07ef20bcb5ba
SHA256

dc782bc44c54d0b4f8f180db122dea118d44e419d22828aba8822464f821543f
SHA512

363bbdb679e0fc3cc91670b07cf36365e48cc8680443e6de8bfdcddbcb6bde5a5cb137aec29eda73fbd7adf74ea32e64af271ef214f0894b5388dff4b460c836
SSDEEP

12288:5L8u9EiWAqlVpfmlTXgE7ANCpowTBElAWZv1W09IZDtr+tsaXE1i5+5:5H6NlLfETwHYpowTBQVJ1W+IZDUuIE1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e8a3baac7fe5e7f3c55fd14ce69640fb_JaffaCakes118

Files

e8a3baac7fe5e7f3c55fd14ce69640fb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

84892881d5d0b76150e01b24196701e7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion
GetCommandLineA
HeapCreate
HeapReAlloc
GetACP
GetModuleHandleA
GetConsoleCP
LocalLock
WaitForSingleObject
LoadLibraryExA
InterlockedExchange
WaitForSingleObject
ResumeThread
GetSystemTime
GetAtomNameA
lstrlenA
VirtualProtect
GetUserDefaultLangID
GetConsoleDisplayMode
GlobalSize
SetLastError

user32

GetParent
DrawTextA
FrameRect
GetClassNameA
GetDC
ReleaseDC
AnyPopup
ShowWindow
wsprintfA
GetTitleBarInfo
GetFocus
CreateIcon
SetForegroundWindow
EndPaint
DragDetect
FillRect
GetWindow
BeginPaint
GetCursorPos

ntshrui

GetLocalPathFromNetResourceA
SetFolderPermissionsForSharing
DllCanUnloadNow
DllGetClassObject
GetNetResourceFromLocalPathA

msacm32

acmFilterEnumA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ