07ce75274d77a24fc520cada0493744d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

07ce75274d77a24fc520cada0493744d_JaffaCakes118
Size

244KB
MD5

07ce75274d77a24fc520cada0493744d
SHA1

79677a43e45a1b410502b09bacff76b52cc1ea18
SHA256

47f26c0500c74e78ae66db4902786feaeb10c3c395a1d01ab14d78848f51acd9
SHA512

df83dd718ff44a29272cb462c93ce8c9a9fe5fabe023845f31c60f37d2f2734ca69870a36b3313b922f54709ce8ff909193ef2865316a7b109adcc07962daec5
SSDEEP

6144:w4spes4G1+JW4o1ISKEEoR9tUAxqcLjsj5sWUzrbwnVe:iR1+jSpEoRzUA4Usj5sWUznwnI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07ce75274d77a24fc520cada0493744d_JaffaCakes118

Files

07ce75274d77a24fc520cada0493744d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

16679d8084a2d583b157bd5b6fc07659

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
HeapReAlloc
GetACP
GetModuleHandleA
TlsFree
GetVersion
GetTickCount
lstrlenA
GetAtomNameA
TlsGetValue
VirtualProtect
CompareFileTime
InterlockedExchange
GetStdHandle
CloseHandle
HeapWalk
WaitForSingleObject
GlobalUnlock
GetConsoleCP
FindAtomA
GetProfileIntA

user32

SetWindowPos
InsertMenuA
LoadIconA
PaintDesktop
PostQuitMessage
CreateCaret
GetDlgItem
CopyRect
DialogBoxParamA
TranslateMessage
EnableScrollBar
GetSubMenu
ShowWindow
GetWindowTextA
DispatchMessageA
InflateRect
MessageBoxA
UpdateWindow
GetMenuStringA
PostMessageA
GetKeyboardLayout
EqualRect
DestroyMenu
GetMenu
SetPropA
SubtractRect
GetScrollRange
ModifyMenuA

msi

MsiEnumProductsA
MsiCloseHandle
MsiDoActionA
MsiGetMode
MsiEnumClientsA

uxtheme

GetThemeBool

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ