17a0ec3126be2224c0b14a58967a7c5f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

17a0ec3126be2224c0b14a58967a7c5f_JaffaCakes118
Size

277KB
MD5

17a0ec3126be2224c0b14a58967a7c5f
SHA1

2e335a817eeb917d37880ef56018d174feccf063
SHA256

c736566fe9cb0f21fab3b0a1b000d675a0d2007832e4025cc2e7e65c9b514890
SHA512

9ab587700d78a95882e9fcf39106c98ed91c1a1fb7b43047a48f9d9044584c8acae26b3cdef0b2f204b018e0c0e1f43838a436b34a9d57f3651b4920edca1b27
SSDEEP

6144:YZ1W3CCZ6is51CoH7p7Bfu4zIPm9CSrkX1bamFfznYIWUuREtK:BCnZ51CoHN7JcPx2MLnYLUoKK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17a0ec3126be2224c0b14a58967a7c5f_JaffaCakes118

Files

17a0ec3126be2224c0b14a58967a7c5f_JaffaCakes118
.exe .ps1 windows:4 windows x86 arch:x86 polyglot

172a223b5b6a0a4b9dde9d85e234f029

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion
GetACP
WaitForSingleObject
CloseHandle
GetConsoleCP
CompareFileTime
GetTickCount
GlobalUnlock
GetStdHandle
TlsFree
lstrlenA
GetProfileIntA
InterlockedExchange
TlsGetValue
HeapWalk
VirtualProtect
HeapReAlloc
LoadLibraryA
GetAtomNameA
GetModuleHandleA
FindAtomA

user32

CopyRect
SetWindowPos
MessageBoxA
DispatchMessageA
GetScrollRange
PostMessageA
SubtractRect
InsertMenuA
DialogBoxParamA
ModifyMenuA
GetWindowTextA
UpdateWindow
LoadIconA
CreateCaret
PaintDesktop
GetDlgItem
GetKeyboardLayout
GetMenu
EqualRect
ShowWindow
SetPropA
GetMenuStringA
InflateRect
EnableScrollBar
TranslateMessage
DestroyMenu

msi

MsiEnumProductsA
MsiGetMode
MsiEnumClientsA
MsiCloseHandle
MsiDoActionA

ws2_32

WSAAccept

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 588KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ