ebd8497a113c38f693dcf914a7ae5a62_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ebd8497a113c38f693dcf914a7ae5a62_JaffaCakes118
Size

328KB
MD5

ebd8497a113c38f693dcf914a7ae5a62
SHA1

ebaa4af7acdee46087f53e74769279652f4b967d
SHA256

6a6dd89675c144d85fdabed257781cbd10e2875d9996f0661f237fac381f8bb6
SHA512

8aed04c156ccf23104418b10730c57d9c6edbd9aef7a21e6f9589f64af305a6bd75aa839f8ccb942328c28215b4ac9abaa4d43764bcffe7fbcdc7501e802270f
SSDEEP

6144:DxVpBMDHXxy+CdFr/GJS0hGaMUXjyIU4Ozwp05M8:N7OD3wDjTGJZcatjQXzksM8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ebd8497a113c38f693dcf914a7ae5a62_JaffaCakes118

Files

ebd8497a113c38f693dcf914a7ae5a62_JaffaCakes118
.exe windows:4 windows x86 arch:x86

585b84225f35c935d6cb66676dcaf966

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleCP
HeapReAlloc
CompareFileTime
GlobalUnlock
SuspendThread
CloseHandle
SearchPathA
SetConsoleCP
InterlockedExchange
GetSystemDefaultLangID
HeapCreate
GetStdHandle
GetAtomNameA
GetVersion
WaitForMultipleObjects
GetModuleHandleA
GetTickCount
GetCommandLineA
WaitForSingleObject
lstrlenA
VirtualProtect

user32

DispatchMessageA
InvertRect
GetCursorInfo
EnableScrollBar
GetKeyState
SetPropA
CreateIcon
DispatchMessageA
InsertMenuA
SetWindowPos
GetKeyboardLayout
DrawCaption
CreateCursor
DestroyMenu
DragObject
MessageBoxA
CopyImage
SetScrollInfo
IsDialogMessage
CreateMenu
DialogBoxParamA
FindWindowA
GetDlgItem

advapi32

RegQueryInfoKeyA
RegCloseKey
RegEnumValueA
RegEnumKeyA
RegCreateKeyExA

uxtheme

GetThemeColor

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 500KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ