e89df6db651c61caa3fe75743cad2715_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e89df6db651c61caa3fe75743cad2715_JaffaCakes118
Size

190KB
MD5

e89df6db651c61caa3fe75743cad2715
SHA1

fc78d34553b38b2192bb1cdae9cbf018c2278c5b
SHA256

ebe60286b64bcf50c3a219e0cbfd0468a67776b0b9cb9dda325950f4ac82b88a
SHA512

ce2d8e4a6f5ebf38392eb7c4902f734c02ad655e07657eed7caaeb5e8a60bb58349b90d6338266cead266968377b4609676b654caba34c238c1c9b65d780b3fd
SSDEEP

3072:dNaebmOheQpvnGZGDnWfMJfv5w72gguWb+yBL6XAhsiwZ1:vaeb/eQ4gnWfMJfve7tgui+yZ6Qhsi6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e89df6db651c61caa3fe75743cad2715_JaffaCakes118

Files

e89df6db651c61caa3fe75743cad2715_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5201f528e7835c8401eaf047b9b698ae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
GetCommandLineA
GetCurrentDirectoryA
GlobalAddAtomW
LockResource
FindFirstFileA
FindResourceExA
EnumResourceNamesA
GetProcessHeap
SizeofResource
RaiseException
HeapAlloc
LocalFree
EnumResourceNamesA
LoadResource
LoadLibraryW
SetLastError
GetModuleHandleA
GetLastError
MultiByteToWideChar
FindFirstFileW
FindNextFileW
FormatMessageA
InterlockedExchange
EnumResourceLanguagesA
GetCurrencyFormatA
GlobalFree
CloseHandle
GetProcAddress
EnumResourceTypesA
Sleep

user32

IsWindowVisible
wsprintfW
EnumWindows
GetWindowThreadProcessId
GetWindowTextA
wsprintfA

setupapi

CM_Get_Depth
SetupDiGetDeviceRegistryPropertyA
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

Sections

.text
Size: 103KB - Virtual size: 243KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ