e7f7d6e4b2de4754a269cb679f6cd177_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e7f7d6e4b2de4754a269cb679f6cd177_JaffaCakes118
Size

18KB
MD5

e7f7d6e4b2de4754a269cb679f6cd177
SHA1

25d9142f87a097b9be365075247360470835f6b4
SHA256

3189cd39a078005ea71460543b55282fd9c79e413e2888892f865842481650b3
SHA512

432991ae2f930229da3bd068bfe8385b59c2690636eb50aafc4c3bc028be758bd8466460330f4f596a2f79687d1ccbc9fcef845ea1d978212567ef35962bd011
SSDEEP

192:6SxMvFueHc3wKCRrucGU8IGAYJXVEODOIc1Sx+AduIoi9NsyjiZfk/ARN:1xMvFRKMGAYJeb14iIoq9CGy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e7f7d6e4b2de4754a269cb679f6cd177_JaffaCakes118

Files

e7f7d6e4b2de4754a269cb679f6cd177_JaffaCakes118
.exe windows:4 windows x86 arch:x86

21f211053c95f545c658005bd002d1a5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProfileIntA
GetAtomNameA
WaitForSingleObject
HeapWalk
FindAtomA
GetStdHandle
HeapReAlloc
TlsFree
GetConsoleCP
CloseHandle
GetVersion
GetACP
GetTickCount
VirtualProtect
TlsGetValue
LoadLibraryA
GlobalUnlock
lstrlenA
GetModuleHandleA
CompareFileTime
InterlockedExchange

user32

MessageBoxA
GetDlgItem
GetWindowTextA
ShowWindow
SetPropA
InsertMenuA
GetMenuStringA
LoadIconA
CopyRect
InflateRect
PaintDesktop
PostQuitMessage
SubtractRect
DispatchMessageA
GetMenu
ModifyMenuA
DestroyMenu
GetKeyboardLayout
GetScrollRange
CreateCaret
EqualRect
EnableScrollBar
TranslateMessage
DialogBoxParamA
SetWindowPos
UpdateWindow
PostMessageA

msi

MsiCloseHandle
MsiEnumProductsA
MsiEnumClientsA
MsiDoActionA
MsiGetMode

clbcatq

CoRegCleanup

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ