Static task: static1
Behavioral task: behavioral1
Sample: 0e27b1996b0d18ec6d1aa2e5d83df409_JaffaCakes118.exe
Resource: win7-20240221-en
General
Target: 0e27b1996b0d18ec6d1aa2e5d83df409_JaffaCakes118
Size: 93KB
MD5: 0e27b1996b0d18ec6d1aa2e5d83df409
SHA1: 498a5f8b6b09e08c9f6805681ba4aa85c7daebac
SHA256: f437bde1b78969a6a8d938decd5a6d9dfad28595fe0f1adb7df58aa2c2257a46
SHA512: 678c44c56a2f0fd30a9e04279c9a2fc92b4a7a2c0c4917f1d6e2cfc02b87d3baa27f3a5eeb83bb6bea05f6a6e690f4b3acad06904acccb1526fdbdd80a63b9bd
SSDEEP: 1536:tswB/GWGYrUxWzIMJ4B/XQFuhkmzjM627y0Wu67l+nGHsxUleZwZ4rhZfArqPCcD:3gWGPWzIE4t5H32Ba+nNxiZuRPCcCqL
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0e27b1996b0d18ec6d1aa2e5d83df409_JaffaCakes118
Files
0e27b1996b0d18ec6d1aa2e5d83df409_JaffaCakes118.exe windows:5 windows x86 arch:x86
b521aefd80a7580a0e43c566b3003c6c
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
TranslateMessage
GetMessageA
UpdateWindow
ShowWindow
CreateWindowExA
RegisterClassExA
LoadCursorA
EnableScrollBar
CheckDlgButton
SetWindowTextA
IsDlgButtonChecked
GetWindowLongA
GetClipboardViewer
BeginPaint
EndPaint
LoadIconA
DispatchMessageA
gdi32
CreatePatternBrush
SetMapMode
CreateRectRgn
DeleteObject
GetStockObject
SetBkMode
ole32
CoIsOle1Class
StgIsStorageFile
CoWaitForMultipleHandles
CoGetStandardMarshal
CoUnmarshalHresult
OleSetContainedObject
kernel32
EnterCriticalSection
QueryPerformanceCounter
InterlockedDecrement
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetModuleHandleA
HeapFree
GetFileAttributesA
GetACP
GetLastError
GetCommandLineA
GetStartupInfoA
HeapAlloc
HeapCreate
HeapDestroy
Sections
.text Size: 89KB - Virtual size: 89KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 85KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE