eb701d80aef4c0b6f39c611d7b8b0c88_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

eb701d80aef4c0b6f39c611d7b8b0c88_JaffaCakes118
Size

125KB
MD5

eb701d80aef4c0b6f39c611d7b8b0c88
SHA1

8efc8509d85f0c0330bb90afd5d6835cf304d5c0
SHA256

e327427579dda9d00384c341bf914c80509ebe4ceecfebfb770e138a84cba87d
SHA512

59832af28e410d56dddd0c8627259df44ab5cec86c606ea85b17378c547be6916aa5e7cf96af58f5bf90c2dc8d5088e3bd01dcc04d01e7fc59d7929b077b0b62
SSDEEP

3072:4TQ92UmHy2ou7o6tgt9iA2vyrHLao9iqDPPm0afV+szL8PL:kY2Uhapo9+qrH/rDPu0awszq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eb701d80aef4c0b6f39c611d7b8b0c88_JaffaCakes118

Files

eb701d80aef4c0b6f39c611d7b8b0c88_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1ca0fb11d8eddcf2a63ff9c38a7764f7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadIconA
UnregisterClassA
MessageBoxW
CharNextA
LoadImageA
GetSystemMetrics
LoadStringW
DestroyWindow
CharNextW

kernel32

GetTickCount
lstrcmpiA
WideCharToMultiByte
GetStartupInfoA
SetLastError
GetEnvironmentVariableA
TerminateProcess
EnterCriticalSection
RaiseException
SizeofResource
SetFilePointer
lstrlenW
InterlockedExchange
CreateProcessA
LoadResource
EnumResourceNamesW
GetVersionExA
LeaveCriticalSection
Sleep
GetModuleHandleA
QueryPerformanceCounter
LockResource
ExitProcess
FindResourceExA
GetCurrentProcessId
GetCurrentThreadId
GetLastError
InterlockedCompareExchange
lstrlenA
GetSystemTimeAsFileTime
FindResourceA
MultiByteToWideChar
LocalAlloc
GetModuleFileNameA
GetCurrentProcess

shlwapi

PathAddBackslashW

clusapi

CloseCluster

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rscr
Size: 512B - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ