ece41ffcb092a34f753735cd53c28f82_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ece41ffcb092a34f753735cd53c28f82_JaffaCakes118
Size

183KB
MD5

ece41ffcb092a34f753735cd53c28f82
SHA1

027688b8a19fb2a88349cc44951d62a2bca7ff23
SHA256

bf366c37f5d5362a6d777d21776c66955339e2fd48705821b15c8bc4cfd61be6
SHA512

a4d70654446132035a721a2978214e30a4de87d9e0214126356c42888fc268470c0784240c3c26c6dae00df283b8d7f886f3a759e73edaa001dd9ecb1013be2a
SSDEEP

3072:PUQNyHfR+JmKE8wwKymOfDwUH3yhJeK84OTIlYfT/WS/b6IZZ6ONxa/:xgRQPmu1H30mcOfjFz6WZHK/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ece41ffcb092a34f753735cd53c28f82_JaffaCakes118

Files

ece41ffcb092a34f753735cd53c28f82_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5dcc8b02655883993b9691155bc55d50

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\UibrNujy\FxPyo\raaIBzi.pdb

Imports

kernel32

SetThreadLocale
SetHandleCount
GetProcAddress
IsDBCSLeadByte
LoadLibraryW
GetSystemWindowsDirectoryA
LCMapStringA
FileTimeToDosDateTime
SetLastError
GetFileType
lstrcmpiW
VirtualFree
GetModuleFileNameW

gdi32

LPtoDP
GetTextExtentExPointW
GetNearestPaletteIndex
CreateHatchBrush
ExcludeClipRect
SetLayout
GetLayout

user32

InsertMenuA
PostThreadMessageW
EqualRect
GetWindow
LoadIconA
DeferWindowPos
mouse_event
CharNextA
GetPropA
DefWindowProcW
GetWindowLongW
ShowScrollBar

Exports

Exports

?uxidrJsIrOYDcsQmA@@YGKN@Z
?pFrPjolrpBw@@YGPAGPAFF@Z

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 142KB - Virtual size: 226KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 130B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.crt
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ