ec75e987e15ad187d914caf3dea98538_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ec75e987e15ad187d914caf3dea98538_JaffaCakes118
Size

544KB
MD5

ec75e987e15ad187d914caf3dea98538
SHA1

06e259b61d1f7c35a9bd206fc7643602df43cbad
SHA256

991025d0d8765214355626a149e590e51ada74acf0c61471aac07e064865f453
SHA512

ed4a1f374f289451c60b250475f56ea60d6b6a8e8a2fce6fd985821f85be3e1f1498b19fd8d01d45100e7b351809660c9aa7e1f681ca2a41482b789288d33121
SSDEEP

12288:l8i3VhDKalHjS/SLFkQpo0PlWYmv3tLtDH:93zDK5qL5o0PkxvdL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ec75e987e15ad187d914caf3dea98538_JaffaCakes118

Files

ec75e987e15ad187d914caf3dea98538_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c974c22430d94373bdcb0b3e478e4be3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumSystemLocalesA
GetEnvironmentVariableA
EnumResourceLanguagesA
FreeConsole
GetProcessId
GetStringTypeExA
CreateFileA
WritePrivateProfileStringA
GetFileAttributesA
LZCopy
HeapReAlloc
GetConsoleInputExeNameA
GetOEMCP
GetLocalTime
HeapAlloc
VirtualAllocEx
GetConsoleOutputCP
OutputDebugStringA
SetComputerNameExW
UpdateResourceA
WriteProfileSectionA
SetEndOfFile

advapi32

RegCloseKey
DuplicateToken

user32

SetWindowLongA
GetWindowContextHelpId
GetLastInputInfo
SetProcessWindowStation
FlashWindowEx
ScreenToClient
SetSystemCursor
SetWindowWord
CreateCaret
DialogBoxIndirectParamA
GetWindowTextA
GetUserObjectInformationA
SetSystemMenu
IsDlgButtonChecked
SetSysColors
GetLayeredWindowAttributes
MessageBoxA
CopyRect

Exports

Exports

Xhnfauevc
Otnchnhm
Jjfpwtmtofq
Phdglqt
InitNbaebgfdi
CreateRjmwlju

Sections

.text
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.itext
Size: 508KB - Virtual size: 844KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ