ea4050ceb7e7ecffc0ed941ba7033315_JaffaCakes118 | Triage

Sharing

General

Target

ea4050ceb7e7ecffc0ed941ba7033315_JaffaCakes118
Size

715KB
MD5

ea4050ceb7e7ecffc0ed941ba7033315
SHA1

643b19b935e433d919a7c33832e078bf42a0fdd2
SHA256

f294ee29cf67b7e021056ded5ecabdfb56d612087119b4bf72ea4ef3e840a44d
SHA512

851046117bd086c050b0861214902bd84c340f12398ab6d7c7a70221bb649fc451c560ef4377dae7a2ccce6309d1d437ee254ec1adf6b5519c8f5cae61f9ecb0
SSDEEP

12288:yTneIYcKGmnrlryFXif9Igb4J7rirzHQn1y5xOaoHx/IsoBdAyHdLjFSp+:yTnepfhRryFS6IcKwc5xFo1IsoB/jcp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea4050ceb7e7ecffc0ed941ba7033315_JaffaCakes118

Files

ea4050ceb7e7ecffc0ed941ba7033315_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a7713c5ee5ef1037f451087565fa8a22

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
InterlockedExchange
SetEvent
LoadLibraryW
HeapWalk
lstrlenA
FindAtomA
TlsFree
GetTickCount
GetModuleHandleA
VirtualProtect
GlobalUnlock
GetProfileIntA
GetACP
WaitForSingleObject
ResetEvent
HeapReAlloc
GetAtomNameA
GetConsoleCP
CompareFileTime
GetVersion

user32

GetScrollRange
PostMessageA
GetWindowTextA
GetWindowLongA
SetPropA
GetDlgItem
DispatchMessageA
CopyRect
GetSubMenu
LoadIconA
UpdateWindow
GetMenu
GetKeyboardLayout
PostQuitMessage
DialogBoxParamA
EnableScrollBar
EqualRect
SetSysColors
GetParent
ShowWindow
SetWindowPos
MessageBoxA
InflateRect
DestroyMenu
TranslateMessage
ScrollDC
GetMenuStringA
ModifyMenuA
InsertMenuA

msi

MsiEnumProductsA
MsiEnumClientsA
MsiCloseHandle
MsiGetMode
MsiDoActionA

apphelp

ApphelpCheckExe

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ