ece2e734ab5a5e712551e159d7e699ad_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ece2e734ab5a5e712551e159d7e699ad_JaffaCakes118
Size

303KB
MD5

ece2e734ab5a5e712551e159d7e699ad
SHA1

3560e6325045bda1c068bdcbee9eb2ef20c832e2
SHA256

dfc2a3b0738d3bee617940b6acf31a5adf16b2342dfefaa2ca4dcb8bba187baf
SHA512

21985b44413cae53f9efa7dbfed135ae6094cce2bce84c649f576104c881ed9b1c6e76d13abd27b03fe936312b9299e5bd0291ae16cfcc4063b77489fb1a0e07
SSDEEP

6144:8FW3iY0kWEi/4b+BQPNlYy16ch0tiXFchP8ybkTriDGw:8FW3nCEi/4bhTYy16G0YXFcBLbQGDGw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ece2e734ab5a5e712551e159d7e699ad_JaffaCakes118

Files

ece2e734ab5a5e712551e159d7e699ad_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4e3c07c1d73fc269e143faa2e4cc7a4a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsGetValue
lstrlenA
WaitForSingleObject
GetStdHandle
HeapReAlloc
GetModuleHandleA
CloseHandle
CompareFileTime
GetVersion
InterlockedExchange
LoadLibraryA
VirtualProtect
GetACP
GetProfileIntA
GetAtomNameA
GetTickCount
GlobalUnlock
GetConsoleCP
FindAtomA
TlsFree
HeapWalk

user32

EnableScrollBar
GetScrollRange
MessageBoxA
SetWindowPos
GetMenu
GetSubMenu
GetDlgItem
ModifyMenuA
DispatchMessageA
GetMenuStringA
UpdateWindow
PaintDesktop
GetWindowTextA
TranslateMessage
InsertMenuA
ShowWindow
DialogBoxParamA
CopyRect
CreateCaret
InflateRect
SetPropA
EqualRect
PostMessageA
GetKeyboardLayout
SubtractRect
PostQuitMessage
LoadIconA
DestroyMenu

msi

MsiEnumProductsA
MsiCloseHandle
MsiEnumClientsA
MsiDoActionA
MsiGetMode

uxtheme

GetThemeBool

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 620KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ