e86877518ec77a26eb14a5ec461e4066_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e86877518ec77a26eb14a5ec461e4066_JaffaCakes118
Size

803KB
MD5

e86877518ec77a26eb14a5ec461e4066
SHA1

ba1cfbc107db2d4da58e99332ab3de38588d846a
SHA256

2cbed6d9668ce43c5f3969783f52852ee0566052a864a61e5f816fc10ce9af0c
SHA512

49d995e6df1dd7c27806ebfcf61e497f2556fe83ab1c01b26d3636225c0659978a5dcb56d9478f706cf2871e147b990242b19a9e026e6d4af4c02ad5b4300296
SSDEEP

24576:2c0taoefi5yMHxYU0DupUvJyCvTPcF6A2z:0NuGheU0aUvJy+zcFez

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e86877518ec77a26eb14a5ec461e4066_JaffaCakes118

Files

e86877518ec77a26eb14a5ec461e4066_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f8f3b7ca899dfec3a5aa5fd2f0eefb35

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

VirtualProtectEx
GlobalFlags
OpenEventW
CreateFileW
GetProcessVersion
CreateFileW
DeleteFileW
DeleteFileW
SetFileTime
HeapDestroy
GetCurrentThreadId
CreateDirectoryA
FindAtomW
GetDriveTypeW
GetModuleHandleA
OpenMutexW
GetFileAttributesA
GetVolumePathNameA
GetTickCount
LeaveCriticalSection
SetFilePointer
InterlockedExchange
GetModuleFileNameA
PulseEvent
IsValidLocale

user32

LoadCursorA
DestroyMenu
MessageBoxA
wsprintfA
GetWindowLongA
SetFocus
DispatchMessageA
DestroyIcon
GetWindowTextA
PeekMessageA
SetRect
IsMenu
GetWindowLongA

dpnhupnp

DllUnregisterServer
DllRegisterServer
DllGetClassObject
DllCanUnloadNow

advapi32

IsValidAcl

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 793KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE