ebab35f439e8c07a1235caaa6e110483_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ebab35f439e8c07a1235caaa6e110483_JaffaCakes118
Size

311KB
MD5

ebab35f439e8c07a1235caaa6e110483
SHA1

a99346882438dbec1b8cfcc4cbedb32d657d4404
SHA256

75f8e6334e1af9db6ff22ad38409cd7ae100a5ccd4ad87c9fdddd580fd66003d
SHA512

02cae546de6fc7a6f3f59f1d39a4f1f1ca904bbb4168ac60d5fefaac1c6d1ae64b78c550d9b453ccc2203cb279c605fa85ffba0c6b91e25c407ec0bd51027c4e
SSDEEP

6144:wb8+UfrXNLVqR4YzmhHrJ79tZIDV5f/yib5vLLoYqzI5EHu:wbIjem4mxP7IJ5f/y2vLT95yu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ebab35f439e8c07a1235caaa6e110483_JaffaCakes118

Files

ebab35f439e8c07a1235caaa6e110483_JaffaCakes118
.exe windows:4 windows x86 arch:x86

40b703dc095d4d6a14ac6d39056f6533

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateFileA
CreateThread
GetFileSize
GetTickCount
GlobalAlloc
GlobalFree
GlobalLock
LeaveCriticalSection
LoadLibraryA
LocalLock
OpenEventA
SetErrorMode
SetEvent
SetFilePointer
SetThreadPriority
Sleep
TerminateProcess
TerminateThread
WaitForSingleObject
WriteConsoleA
lstrcmpA
lstrlenA

user32

BeginPaint
CheckDlgButton
ClientToScreen
DestroyWindow
EqualRect
GetClientRect
GetFocus
GetWindowLongA
InflateRect
KillTimer
PostQuitMessage
SubtractRect
SystemParametersInfoW
TrackPopupMenuEx

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 982B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 296KB - Virtual size: 299KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ