e8b96af2db81291179c27d75abdb98dd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e8b96af2db81291179c27d75abdb98dd_JaffaCakes118
Size

181KB
MD5

e8b96af2db81291179c27d75abdb98dd
SHA1

60ead676669e307df928d4ffc15820cf343ba254
SHA256

e3028e7b85b32ba8f148d7088e960d502133c51e6b98aa9842a16faca37e547e
SHA512

5cbf116d17815986682107655a0706775a7765b2e23781a63f73af974fcb2673059927bee6b932ccddcd6a7e49a72cb2b2b2bcec98b49fe42e4535ffcbd948d3
SSDEEP

3072:1QibKEj6DqhXV1dv9RBUf5SjCKkjdMykFuIuY/cXeMdDGjwOTLW2vhkY577N:1nQ6jv/BUnjdMFFcuHMdxqhZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e8b96af2db81291179c27d75abdb98dd_JaffaCakes118

Files

e8b96af2db81291179c27d75abdb98dd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

27efa539f0ad9a78d835385980ff30b3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetConsoleCP
GlobalUnlock
SuspendThread
WaitForSingleObject
GetModuleHandleA
LoadLibraryExA
lstrlenA
HeapReAlloc
HeapCreate
GetVersion
GetSystemDefaultLangID
GetCommandLineA
WaitForMultipleObjects
CompareFileTime
InterlockedExchange
GetTickCount
CloseHandle
GetStdHandle
GetConsoleCP
GetAtomNameA
VirtualProtect

user32

SetWindowPos
CreateIcon
GetDlgItem
CreateMenu
InsertMenuA
FindWindowA
DestroyMenu
IsDialogMessage
InvertRect
FillRect
EnableScrollBar
GetCursorInfo
SetScrollInfo
CopyImage
GetKeyboardLayout
DrawCaption
DialogBoxParamA
SetPropA
GetKeyState
CreateCursor
DispatchMessageA
DragObject

advapi32

RegEnumValueA
RegQueryInfoKeyA
RegEnumKeyA
RegCloseKey
RegCreateKeyExA

uxtheme

GetThemeColor

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 156KB - Virtual size: 476KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 324KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ