e95144153b332a202cae46e69cefad7e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e95144153b332a202cae46e69cefad7e_JaffaCakes118
Size

18KB
MD5

e95144153b332a202cae46e69cefad7e
SHA1

15eecbb92a941f6c5808ac5acf63f1a3df7a71be
SHA256

f202a20d056ac1cd5db6e350b326679bc540c8dd41bf7ec50645469f480b5101
SHA512

10405aa46e19d39b09dcb00d836e91a76b58a9d761de24ed5a03e99217cef8e5a82e23a3310e25b7561440f87d25c616ea4c9459cd6d813b8544d9d619d645fb
SSDEEP

384:h69OSgy72K6wDJe6Ap14islB7f2qk5d+Ml25IIfx:h+gy6K6kJVfBr2b5rlafx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e95144153b332a202cae46e69cefad7e_JaffaCakes118

Files

e95144153b332a202cae46e69cefad7e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9c45d6afa6849315164aa55fbf00cee6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsGetValue
GetModuleHandleA
HeapReAlloc
lstrlenA
GlobalUnlock
VirtualProtect
GetTickCount
WaitForSingleObject
CompareFileTime
LoadLibraryA
FindAtomA
InterlockedExchange
HeapWalk
GetACP
CloseHandle
GetVersion
GetProfileIntA
GetAtomNameA
GetStdHandle
GetConsoleCP
TlsFree

user32

UpdateWindow
SetPropA
GetMenu
EqualRect
GetKeyboardLayout
SetWindowPos
CopyRect
GetMenuStringA
EnableScrollBar
DialogBoxParamA
PaintDesktop
ModifyMenuA
MessageBoxA
DestroyMenu
InflateRect
LoadIconA
GetDlgItem
SubtractRect
TranslateMessage
GetWindowTextA
CreateCaret
GetScrollRange
InsertMenuA
PostMessageA
PostQuitMessage
ShowWindow
DispatchMessageA

msi

MsiCloseHandle
MsiEnumClientsA
MsiEnumProductsA
MsiGetMode
MsiDoActionA

clbcatq

CoRegCleanup

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ