e91c985ea2b34ab5271cab48a5f94ee3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e91c985ea2b34ab5271cab48a5f94ee3_JaffaCakes118
Size

41KB
MD5

e91c985ea2b34ab5271cab48a5f94ee3
SHA1

5fef9da1814fc2093c21a783779420951a0234f6
SHA256

9153cbcfbc8e9af8c371b390e55bc4cfd1a1fe43f8fae0855c3148b7cf3a9c08
SHA512

035b2a978f2d475624c1c8646cb1e03c9fbdb3f8e279e083990c3f6679eb98f12d0e24d667dda582a2166ac3b25e9e17eef3c4ce019a64d05364022ab4d0e48f
SSDEEP

768:utlv1ZfCix2KJGRkucEvD/TylBM9Uv5CHgLCJ9nvWipOpTkprnYhfnvx2pYM+fIb:qdQix2KJGe6D/TWM1HgC9nvDRprnenvg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e91c985ea2b34ab5271cab48a5f94ee3_JaffaCakes118

Files

e91c985ea2b34ab5271cab48a5f94ee3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

87094fd8bf2ab004d52553a520cbf5ef

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
CloseHandle
FreeLibrary
GlobalFree
GetStartupInfoA
LocalFree

msvcrt

_controlfp
_acmdln
__set_app_type
memmove
_except_handler3
__p__fmode
_c_exit
wcschr
_XcptFilter
_adjust_fdiv
__setusermatherr
_initterm
_exit
exit
wcslen

gdi32

MoveToEx
GetDeviceCaps
GetPixel
CreateCompatibleDC
GetTextColor
GetTextMetricsA
GetObjectA
ExtTextOutA
GetBkColor
SetBkMode
SelectObject
PatBlt
SetROP2

user32

DispatchMessageA
GetFocus
CreateWindowExA
DialogBoxParamA
SetWindowTextA
MessageBoxA
EndPaint
EndDialog
PostQuitMessage
TranslateMessage
ScreenToClient
DestroyWindow
GetMessageA
LoadIconA
DefWindowProcA

Sections

.text
Size: 1024B - Virtual size: 926B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrs
Size: 34KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ